
[PATCH 2/5] diff --color-moved-ws: fix out of bounds string access




From: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>

When adjusting the start of the string to take account of the change
in indentation the code was not checking that the string being
adjusted was in fact longer than the indentation change. This was
detected by asan.

Signed-off-by: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>
---
 diff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/diff.c b/diff.c
index 5a08d64497..0096bdc339 100644
--- a/diff.c
+++ b/diff.c
@@ -841,7 +841,7 @@ static int cmp_in_block_with_wsd(const struct diff_options *o,
 		al -= wslen;
 	}
 
-	if (strcmp(a, c))
+	if (al < 0 || al != cl || memcmp(a, c, al))
 		return 1;
 
 	return 0;
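Review bot: the `al < 0` test in the new condition carries no comment, and its position first in the `||` chain is load-bearing: `al -= wslen` just above can leave `al` negative when the line is shorter than the indentation change, and `memcmp(a, c, al)` would then take that negative value as a very large size. A one-line comment above the `if` saying why the length can go negative would keep a later reordering or simplification from reintroducing the out-of-bounds read. The commit message also says the start of the string has already been adjusted by this point, so checking the length before that adjustment rather than after it would avoid ever holding a pointer past the end of the buffer. The diffstat shows only diff.c changed; a regression test with a moved line shorter than the whitespace delta would keep the asan finding covered.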
-- 
2.19.0