diff options
| author | John Keeping <john@keeping.me.uk> | 2013-04-01 19:03:34 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2013-04-08 15:59:46 +0200 |
| commit | b1f17f168b91d709c0c0e62608de301a36f06da9 (patch) | |
| tree | 9aff1fe903087cb5016ab2afdb32a7ca1cc139b2 /shared.c | |
| parent | 4b4a62d507adc61e20e75e2748301ef307a6c95f (diff) | |
| download | cgit-b1f17f168b91d709c0c0e62608de301a36f06da9.tar.gz cgit-b1f17f168b91d709c0c0e62608de301a36f06da9.tar.bz2 | |
Fix out-of-bounds memory accesses with virtual_root=""
The CGit configuration variable virtual_root is normalized so that it
does not have a trailing '/' character, but it is allowed to be empty
(the empty string and NULL have different meanings here) and there is
code that is insufficiently cautious when checking if it ends in a '/':
if (virtual_root[strlen(virtual_root) - 1] != '/')
Clearly this check is redundant, but rather than simply removing it we
get a slight efficiency improvement by switching the normalization so
that the virtual_root variable always ends in '/'. Do this with a new
"ensure_end" helper.
Signed-off-by: John Keeping <john@keeping.me.uk>
Diffstat (limited to 'shared.c')
| -rw-r--r-- | shared.c | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -115,6 +115,21 @@ char *trim_end(const char *str, char c) return xstrndup(str, len); } +char *ensure_end(const char *str, char c) +{ + size_t len = strlen(str); + char *result; + + if (len && str[len - 1] == c) + return xstrndup(str, len); + + result = xmalloc(len + 2); + memcpy(result, str, len); + result[len] = '/'; + result[len + 1] = '\0'; + return result; +} + char *strlpart(char *txt, int maxlen) { char *result; |