Skip to content

Commit ba47a30

Browse files
peffgitster
authored andcommitted
replace snprintf with odb_pack_name()
In several places we write the name of the pack filename into a fixed-size buffer using snprintf(), but do not check the return value. As a result, a very long object directory could cause us to quietly truncate the pack filename (potentially leading to a corrupted repository, as a newly written packfile could be missing its .pack extension). We can use odb_pack_name() to do this with a strbuf (and shorten the code, as well). Signed-off-by: Jeff King <[email protected]> Signed-off-by: Junio C Hamano <[email protected]>
1 parent eaeefc3 commit ba47a30

File tree

2 files changed

+24
-31
lines changed

2 files changed

+24
-31
lines changed

builtin/index-pack.c

Lines changed: 11 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1386,7 +1386,7 @@ static void final(const char *final_pack_name, const char *curr_pack_name,
13861386
unsigned char *sha1)
13871387
{
13881388
const char *report = "pack";
1389-
char name[PATH_MAX];
1389+
struct strbuf name = STRBUF_INIT;
13901390
int err;
13911391

13921392
if (!from_stdin) {
@@ -1402,43 +1402,36 @@ static void final(const char *final_pack_name, const char *curr_pack_name,
14021402
int keep_fd, keep_msg_len = strlen(keep_msg);
14031403

14041404
if (!keep_name)
1405-
snprintf(name, sizeof(name), "%s/pack/pack-%s.keep",
1406-
get_object_directory(), sha1_to_hex(sha1));
1405+
odb_pack_name(&name, sha1, "keep");
14071406

1408-
keep_fd = odb_pack_keep(keep_name ? keep_name : name);
1407+
keep_fd = odb_pack_keep(keep_name ? keep_name : name.buf);
14091408
if (keep_fd < 0) {
14101409
if (errno != EEXIST)
14111410
die_errno(_("cannot write keep file '%s'"),
1412-
keep_name ? keep_name : name);
1411+
keep_name ? keep_name : name.buf);
14131412
} else {
14141413
if (keep_msg_len > 0) {
14151414
write_or_die(keep_fd, keep_msg, keep_msg_len);
14161415
write_or_die(keep_fd, "\n", 1);
14171416
}
14181417
if (close(keep_fd) != 0)
14191418
die_errno(_("cannot close written keep file '%s'"),
1420-
keep_name ? keep_name : name);
1419+
keep_name ? keep_name : name.buf);
14211420
report = "keep";
14221421
}
14231422
}
14241423

14251424
if (final_pack_name != curr_pack_name) {
1426-
if (!final_pack_name) {
1427-
snprintf(name, sizeof(name), "%s/pack/pack-%s.pack",
1428-
get_object_directory(), sha1_to_hex(sha1));
1429-
final_pack_name = name;
1430-
}
1425+
if (!final_pack_name)
1426+
final_pack_name = odb_pack_name(&name, sha1, "pack");
14311427
if (finalize_object_file(curr_pack_name, final_pack_name))
14321428
die(_("cannot store pack file"));
14331429
} else if (from_stdin)
14341430
chmod(final_pack_name, 0444);
14351431

14361432
if (final_index_name != curr_index_name) {
1437-
if (!final_index_name) {
1438-
snprintf(name, sizeof(name), "%s/pack/pack-%s.idx",
1439-
get_object_directory(), sha1_to_hex(sha1));
1440-
final_index_name = name;
1441-
}
1433+
if (!final_index_name)
1434+
final_index_name = odb_pack_name(&name, sha1, "idx");
14421435
if (finalize_object_file(curr_index_name, final_index_name))
14431436
die(_("cannot store index file"));
14441437
} else
@@ -1464,6 +1457,8 @@ static void final(const char *final_pack_name, const char *curr_pack_name,
14641457
input_offset += err;
14651458
}
14661459
}
1460+
1461+
strbuf_release(&name);
14671462
}
14681463

14691464
static int git_index_pack_config(const char *k, const char *v, void *cb)

fast-import.c

Lines changed: 13 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -940,43 +940,40 @@ static const char *create_index(void)
940940

941941
static char *keep_pack(const char *curr_index_name)
942942
{
943-
static char name[PATH_MAX];
944943
static const char *keep_msg = "fast-import";
944+
struct strbuf name = STRBUF_INIT;
945945
int keep_fd;
946946

947-
snprintf(name, sizeof(name), "%s/pack/pack-%s.keep",
948-
get_object_directory(), sha1_to_hex(pack_data->sha1));
949-
keep_fd = odb_pack_keep(name);
947+
odb_pack_name(&name, pack_data->sha1, "keep");
948+
keep_fd = odb_pack_keep(name.buf);
950949
if (keep_fd < 0)
951950
die_errno("cannot create keep file");
952951
write_or_die(keep_fd, keep_msg, strlen(keep_msg));
953952
if (close(keep_fd))
954953
die_errno("failed to write keep file");
955954

956-
snprintf(name, sizeof(name), "%s/pack/pack-%s.pack",
957-
get_object_directory(), sha1_to_hex(pack_data->sha1));
958-
if (finalize_object_file(pack_data->pack_name, name))
955+
odb_pack_name(&name, pack_data->sha1, "pack");
956+
if (finalize_object_file(pack_data->pack_name, name.buf))
959957
die("cannot store pack file");
960958

961-
snprintf(name, sizeof(name), "%s/pack/pack-%s.idx",
962-
get_object_directory(), sha1_to_hex(pack_data->sha1));
963-
if (finalize_object_file(curr_index_name, name))
959+
odb_pack_name(&name, pack_data->sha1, "idx");
960+
if (finalize_object_file(curr_index_name, name.buf))
964961
die("cannot store index file");
965962
free((void *)curr_index_name);
966-
return name;
963+
return strbuf_detach(&name, NULL);
967964
}
968965

969966
static void unkeep_all_packs(void)
970967
{
971-
static char name[PATH_MAX];
968+
struct strbuf name = STRBUF_INIT;
972969
int k;
973970

974971
for (k = 0; k < pack_id; k++) {
975972
struct packed_git *p = all_packs[k];
976-
snprintf(name, sizeof(name), "%s/pack/pack-%s.keep",
977-
get_object_directory(), sha1_to_hex(p->sha1));
978-
unlink_or_warn(name);
973+
odb_pack_name(&name, p->sha1, "keep");
974+
unlink_or_warn(name.buf);
979975
}
976+
strbuf_release(&name);
980977
}
981978

982979
static int loosen_small_pack(const struct packed_git *p)
@@ -1035,6 +1032,7 @@ static void end_packfile(void)
10351032
die("core git rejected index %s", idx_name);
10361033
all_packs[pack_id] = new_p;
10371034
install_packed_git(new_p);
1035+
free(idx_name);
10381036

10391037
/* Print the boundary */
10401038
if (pack_edges) {

0 commit comments

Comments
 (0)