Merge branch 'maint-1.6.0' into maint-1.6.1

* maint-1.6.0: Fix buffer overflow in config parser

Merge branch 'maint-1.6.0' into maint-1.6.1
* maint-1.6.0: Fix buffer overflow in config parser
0fa0514b · Junio C Hamano · bc69776a · e0b3cc0d · 0fa0514b · 0fa0514b
隐藏空白更改
内联并排

Showing with 9 addition and 2 deletion

config.c config.c +1 -1

t/t1303-wacky-config.sh t/t1303-wacky-config.sh +8 -1

未找到文件。
--- a/config.c
+++ b/config.c
@@ -51,7 +51,7 @@ static char *parse_value(void)

 	for (;;) {
 		int c = get_next_char();
-		if (len >= sizeof(value))
+		if (len >= sizeof(value) - 1)
 			return NULL;
 		if (c == '\n') {
 			if (quote)

--- a/t/t1303-wacky-config.sh
+++ b/t/t1303-wacky-config.sh
@@ -10,7 +10,7 @@ setup() {

 check() {
 	echo "$2" >expected
-	git config --get "$1" >actual
+	git config --get "$1" >actual 2>&1
 	test_cmp actual expected
 }

@@ -40,4 +40,11 @@ test_expect_success 'make sure git config escapes section names properly' '
 	check "$SECTION" bar
 '

+LONG_VALUE=$(printf "x%01021dx a" 7)
+test_expect_success 'do not crash on special long config line' '
+	setup &&
+	git config section.key "$LONG_VALUE" &&
+	check section.key "fatal: bad config file line 2 in .git/config"
+'
+
 test_done