diff options
author | John Keeping <john@keeping.me.uk> | 2013-04-02 03:03:34 (JST) |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2013-04-08 22:59:46 (JST) |
commit | b1f17f168b91d709c0c0e62608de301a36f06da9 (patch) | |
tree | 9aff1fe903087cb5016ab2afdb32a7ca1cc139b2 /shared.c | |
parent | 4b4a62d507adc61e20e75e2748301ef307a6c95f (diff) | |
download | cgit-b1f17f168b91d709c0c0e62608de301a36f06da9.zip cgit-b1f17f168b91d709c0c0e62608de301a36f06da9.tar.gz |
Fix out-of-bounds memory accesses with virtual_root=""
The CGit configuration variable virtual_root is normalized so that it
does not have a trailing '/' character, but it is allowed to be empty
(the empty string and NULL have different meanings here) and there is
code that is insufficiently cautious when checking if it ends in a '/':
if (virtual_root[strlen(virtual_root) - 1] != '/')
Clearly this check is redundant, but rather than simply removing it we
get a slight efficiency improvement by switching the normalization so
that the virtual_root variable always ends in '/'. Do this with a new
"ensure_end" helper.
Signed-off-by: John Keeping <john@keeping.me.uk>
Diffstat (limited to 'shared.c')
-rw-r--r-- | shared.c | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -115,6 +115,21 @@ char *trim_end(const char *str, char c) | |||
115 | return xstrndup(str, len); | 115 | return xstrndup(str, len); |
116 | } | 116 | } |
117 | 117 | ||
118 | char *ensure_end(const char *str, char c) | ||
119 | { | ||
120 | size_t len = strlen(str); | ||
121 | char *result; | ||
122 | |||
123 | if (len && str[len - 1] == c) | ||
124 | return xstrndup(str, len); | ||
125 | |||
126 | result = xmalloc(len + 2); | ||
127 | memcpy(result, str, len); | ||
128 | result[len] = '/'; | ||
129 | result[len + 1] = '\0'; | ||
130 | return result; | ||
131 | } | ||
132 | |||
118 | char *strlpart(char *txt, int maxlen) | 133 | char *strlpart(char *txt, int maxlen) |
119 | { | 134 | { |
120 | char *result; | 135 | char *result; |