Web lists-archives.com

Re: [PATCH] apply: use strcmp(3) for comparing strings in gitdiff_verify_name()





On 08/07/17 09:58, René Scharfe wrote:
> Avoid running over the end of another -- a C string whose length we
> don't know -- by using strcmp(3) instead of memcmp(3) for comparing it
> with another C string.

I had to read this twice, along with the patch text, before this
made any sense. ;-) The missing information being that 'another'
was the name of the string variable that we were potentially
'running over the end of'.

ATB,
Ramsay Jones

> 
> Signed-off-by: Rene Scharfe <l.s.r@xxxxxx>
> ---
>  apply.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/apply.c b/apply.c
> index 946be4d2f5..9b3df8a3aa 100644
> --- a/apply.c
> +++ b/apply.c
> @@ -962,13 +962,12 @@ static int gitdiff_verify_name(struct apply_state *state,
>  	}
>  
>  	if (*name) {
> -		int len = strlen(*name);
>  		char *another;
>  		if (isnull)
>  			return error(_("git apply: bad git-diff - expected /dev/null, got %s on line %d"),
>  				     *name, state->linenr);
>  		another = find_name(state, line, NULL, state->p_value, TERM_TAB);
> -		if (!another || memcmp(another, *name, len + 1)) {
> +		if (!another || strcmp(another, *name)) {
>  			free(another);
>  			return error((side == DIFF_NEW_NAME) ?
>  			    _("git apply: bad git-diff - inconsistent new filename on line %d") :
>