Check size of path buffer before writing into it
This prevents a buffer overrun that could otherwise be triggered by
creating a file called '.git' with contents
gitdir: (something really long)
Signed-off-by: Greg Brockman <gdb@mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
diff --git a/setup.c b/setup.c
index e3781b6..01e1a6a 100644
--- a/setup.c
+++ b/setup.c
@@ -153,6 +153,8 @@
char path[PATH_MAX];
size_t len = strlen(suspect);
+ if (PATH_MAX <= len + strlen("/objects"))
+ die("Too long path: %.*s", 60, suspect);
strcpy(path, suspect);
if (getenv(DB_ENVIRONMENT)) {
if (access(getenv(DB_ENVIRONMENT), X_OK))
