commit b4eafbcdb84fc406bff37f06fdf6310aca7d0249
author Junio C Hamano <gitster@pobox.com> Wed Nov 21 22:57:44 2018 +0900
committer Junio C Hamano <gitster@pobox.com> Wed Nov 21 22:57:44 2018 +0900
tree 89f6f96f46f64695ac84ad9a49e14017e573ef77
parent e1372c37de9bbca8a96db10fe8ab7b3a420c9108
parent ad2bf0d9b43433583e88128c278ce31c7ca4e431

Merge branch 'en/rerere-multi-stage-1-fix' into maint

A corner case bugfix in "git rerere" code.

* en/rerere-multi-stage-1-fix:
  rerere: avoid buffer overrun
  t4200: demonstrate rerere segfault on specially crafted merge

rerere.c

diff --git a/rerere.c b/rerere.c
index c7787aa..783d4da 100644
--- a/rerere.c
+++ b/rerere.c
@@ -533,7 +533,7 @@
 	}
 
 	*type = PUNTED;
-	while (ce_stage(active_cache[i]) == 1)
+	while (i < active_nr && ce_stage(active_cache[i]) == 1)
 		i++;
 
 	/* Only handle regular files with both stages #2 and #3 */

t/t4200-rerere.sh

diff --git a/t/t4200-rerere.sh b/t/t4200-rerere.sh
index 65da74c..313222d 100755
--- a/t/t4200-rerere.sh
+++ b/t/t4200-rerere.sh
@@ -577,4 +577,33 @@
 	count_pre_post 0 0
 '
 
+test_expect_success 'setup simple stage 1 handling' '
+	test_create_repo stage_1_handling &&
+	(
+		cd stage_1_handling &&
+
+		test_seq 1 10 >original &&
+		git add original &&
+		git commit -m original &&
+
+		git checkout -b A master &&
+		git mv original A &&
+		git commit -m "rename to A" &&
+
+		git checkout -b B master &&
+		git mv original B &&
+		git commit -m "rename to B"
+	)
+'
+
+test_expect_success 'test simple stage 1 handling' '
+	(
+		cd stage_1_handling &&
+
+		git config rerere.enabled true &&
+		git checkout A^0 &&
+		test_must_fail git merge B^0
+	)
+'
+
 test_done