From: mwnx <mwnx@gmx.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, mwnx <mwnx@gmx.com>
Subject: [PATCH] pretty: fix buffer over-read with %> and %<
Date: Wed, 29 Nov 2017 01:32:51 +0100 [thread overview]
Message-ID: <20171129003251.1981-1-mwnx@gmx.com> (raw)
A buffer over-read of the format string would occur with unterminated
formats of the form '%>(#' and '%<(#', where '#' represents a number.
This error can be witnessed by running git log under valgrind like so:
valgrind git log -n1 --format='%<(42'
This was due to the fact that the "not found" case for strcspn() was
being checked in the same way that one checks the "not found" case for
strchr(), i.e. by checking for a NULL pointer return value. Instead, one
must check for the end of the string since strcspn() points to the
character where it finished its search (which will be a '\0' if
unsuccessful).
Signed-off-by: Maxwell Nixie <mwnx@gmx.com>
---
Hope I got everything right.
pretty.c | 2 +-
t/t4205-log-pretty-formats.sh | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/pretty.c b/pretty.c
index 2f6b0ae6c..4c70bad45 100644
--- a/pretty.c
+++ b/pretty.c
@@ -1021,7 +1021,7 @@ static size_t parse_padding_placeholder(struct strbuf *sb,
const char *end = start + strcspn(start, ",)");
char *next;
int width;
- if (!end || end == start)
+ if (!*end || end == start)
return 0;
width = strtol(start, &next, 10);
if (next == start || width == 0)
diff --git a/t/t4205-log-pretty-formats.sh b/t/t4205-log-pretty-formats.sh
index 591f35daa..4d9555962 100755
--- a/t/t4205-log-pretty-formats.sh
+++ b/t/t4205-log-pretty-formats.sh
@@ -598,4 +598,10 @@ test_expect_success ':only and :unfold work together' '
test_cmp expect actual
'
+test_expect_success 'unterminated alignment formatting' '
+ git log -n1 --format="%<(42" >actual &&
+ echo "%<(42" >expected &&
+ test_cmp expected actual
+'
+
test_done
--
2.15.0.319.gb3398b820
next reply other threads:[~2017-11-29 0:33 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-29 0:32 mwnx [this message]
-- strict thread matches above, loose matches on Subject: below --
2017-11-26 2:52 [PATCH] pretty: fix buffer over-read with %> and %< mwnx
2017-11-27 1:46 ` Junio C Hamano
2017-11-27 23:29 ` mwnx
2017-11-28 2:10 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171129003251.1981-1-mwnx@gmx.com \
--to=mwnx@gmx.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).