Re: [PATCH] pretty: fix buffer over-read with %> and %<




mwnx <mwnx@xxxxxxx> writes:

> diff --git a/pretty.c b/pretty.c
> index 2f6b0ae6c..4c70bad45 100644
> --- a/pretty.c
> +++ b/pretty.c
> @@ -1021,7 +1021,7 @@ static size_t parse_padding_placeholder(struct strbuf *sb,
>  		const char *end = start + strcspn(start, ",)");
>  		char *next;
>  		int width;
> -		if (!end || end == start)
> +		if (!*end || end == start)

Yuck.  This is so obvious a typo as it is quite clear that a few
lines above will never give us !end.  Well spotted.

By the way, Documentation/SubmittingPatches has this in "(5) Certify
your work" section:

    Also notice that a real name is used in the Signed-off-by: line. Please
    don't hide your real name.


>  			return 0;
>  		width = strtol(start, &next, 10);
>  		if (next == start || width == 0)
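
Review bot: The corrected check `if (!*end || end == start)` depends on strcspn() leaving `end` on the terminating NUL when neither `,` nor `)` is found, and nothing at that line says so. A one-line comment above it (for example, "no closing delimiter: end points at the NUL") would state the intent and make the check harder to break again. In the context lines just below, `width = strtol(start, &next, 10)` stores a long into `int width` with no range check, which may be worth tightening in a follow-up.
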
> diff --git a/t/t4205-log-pretty-formats.sh b/t/t4205-log-pretty-formats.sh
> index 591f35daa..4d9555962 100755
> --- a/t/t4205-log-pretty-formats.sh
> +++ b/t/t4205-log-pretty-formats.sh
> @@ -598,4 +598,10 @@ test_expect_success ':only and :unfold work together' '
>  	test_cmp expect actual
>  '
>  
> +test_expect_success 'unterminated alignment formatting' '
> +	git log -n1 --format="%<(42" >actual &&
> +	echo "%<(42" >expected &&
> +	test_cmp expected actual
> +'
> +
>  test_done
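
Review bot: The new test 'unterminated alignment formatting' exercises only `%<(42`, while the subject line names both `%>` and `%<`; adding the same assertion for `%>(42` would cover both placeholders. The test also writes its reference output to `expected`, whereas the preceding test in this hunk uses `test_cmp expect actual`; naming the file `expect` keeps it consistent with the rest of the script.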