Skip to content

Commit c29edfe

Browse files
peffgitster
authored andcommitted
notes: use a strbuf in add_non_note
When we are loading a notes tree into our internal hash table, we also collect any files that are clearly non-notes. We format the name of the file into a PATH_MAX buffer, but unlike true notes (which cannot be larger than a fanned-out sha1 hash), these tree entries can be arbitrarily long, overflowing our buffer. We can fix this by switching to a strbuf. It doesn't even cost us an extra allocation, as we can simply hand ownership of the buffer over to the non-note struct. This is of moderate security interest, as you might fetch notes trees from an untrusted remote. However, we do not do so by default, so you would have to manually fetch into the notes namespace. Signed-off-by: Jeff King <[email protected]> Signed-off-by: Junio C Hamano <[email protected]>
1 parent f514ef9 commit c29edfe

File tree

1 file changed

+10
-9
lines changed

1 file changed

+10
-9
lines changed

notes.c

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -362,13 +362,14 @@ static int non_note_cmp(const struct non_note *a, const struct non_note *b)
362362
return strcmp(a->path, b->path);
363363
}
364364

365-
static void add_non_note(struct notes_tree *t, const char *path,
365+
/* note: takes ownership of path string */
366+
static void add_non_note(struct notes_tree *t, char *path,
366367
unsigned int mode, const unsigned char *sha1)
367368
{
368369
struct non_note *p = t->prev_non_note, *n;
369370
n = (struct non_note *) xmalloc(sizeof(struct non_note));
370371
n->next = NULL;
371-
n->path = xstrdup(path);
372+
n->path = path;
372373
n->mode = mode;
373374
hashcpy(n->sha1, sha1);
374375
t->prev_non_note = n;
@@ -482,17 +483,17 @@ static void load_subtree(struct notes_tree *t, struct leaf_node *subtree,
482483
* component.
483484
*/
484485
{
485-
char non_note_path[PATH_MAX];
486-
char *p = non_note_path;
486+
struct strbuf non_note_path = STRBUF_INIT;
487487
const char *q = sha1_to_hex(subtree->key_sha1);
488488
int i;
489489
for (i = 0; i < prefix_len; i++) {
490-
*p++ = *q++;
491-
*p++ = *q++;
492-
*p++ = '/';
490+
strbuf_addch(&non_note_path, *q++);
491+
strbuf_addch(&non_note_path, *q++);
492+
strbuf_addch(&non_note_path, '/');
493493
}
494-
strcpy(p, entry.path);
495-
add_non_note(t, non_note_path, entry.mode, entry.sha1);
494+
strbuf_addstr(&non_note_path, entry.path);
495+
add_non_note(t, strbuf_detach(&non_note_path, NULL),
496+
entry.mode, entry.sha1);
496497
}
497498
}
498499
free(buf);

0 commit comments

Comments
 (0)