mirror/zx2c4.cgit
1
0
Fork 0
mirror of https://git.zx2c4.com/cgit synced 2025-08-30 06:29:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix out-of-bounds memory accesses with virtual_root=""

Browse source 
The CGit configuration variable virtual_root is normalized so that it
does not have a trailing '/' character, but it is allowed to be empty
(the empty string and NULL have different meanings here) and there is
code that is insufficiently cautious when checking if it ends in a '/':

	if (virtual_root[strlen(virtual_root) - 1] != '/')

Clearly this check is redundant, but rather than simply removing it we
get a slight efficiency improvement by switching the normalization so
that the virtual_root variable always ends in '/'.  Do this with a new
"ensure_end" helper.

Signed-off-by: John Keeping <john@keeping.me.uk>
This commit is contained in:
John Keeping 2013-04-01 19:03:34 +01:00 committed by Jason A. Donenfeld
parent 4b4a62d507
commit b1f17f168b
4 changed files with 25 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

3
cgit.h
View file

@ -190,7 +190,7 @@ struct cgit_config {
char *script_name;
char *section;
char *repository_sort;
char *virtual_root;
char *virtual_root; /* Always ends with '/'. */
char *strict_export;
int cache_size;
int cache_dynamic_ttl;
@ -300,6 +300,7 @@ extern int chk_positive(int result, char *msg);
extern int chk_non_negative(int result, char *msg);
extern char *trim_end(const char *str, char c);
extern char *ensure_end(const char *str, char c);
extern char *strlpart(char *txt, int maxlen);
extern char *strrpart(char *txt, int maxlen);