Web lists-archives.com

[PATCH v2 2/5] diff --color-moved-ws: fix out of bounds string access




From: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>

When adjusting the start of the string to take account of the change
in indentation the code was not checking that the string being
adjusted was in fact longer than the indentation change. This was
detected by asan.

Signed-off-by: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>
---

Notes:
    Changes since v1:
     - simplified comparison as suggested by Stefan

 diff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/diff.c b/diff.c
index 02d885f039..e492f8b74f 100644
--- a/diff.c
+++ b/diff.c
@@ -840,7 +840,7 @@ static int cmp_in_block_with_wsd(const struct diff_options *o,
 		al -= wslen;
 	}
 
-	if (strcmp(a, c))
+	if (al != cl || memcmp(a, c, al))
 		return 1;
 
 	return 0;
-- 
2.19.0