From b1f17f168b91d709c0c0e62608de301a36f06da9 Mon Sep 17 00:00:00 2001
From: John Keeping <john@keeping.me.uk>
Date: Mon, 1 Apr 2013 19:03:34 +0100
Subject: Fix out-of-bounds memory accesses with virtual_root=""

The CGit configuration variable virtual_root is normalized so that it
does not have a trailing '/' character, but it is allowed to be empty
(the empty string and NULL have different meanings here) and there is
code that is insufficiently cautious when checking if it ends in a '/':

	if (virtual_root[strlen(virtual_root) - 1] != '/')

Clearly this check is redundant, but rather than simply removing it we
get a slight efficiency improvement by switching the normalization so
that the virtual_root variable always ends in '/'.  Do this with a new
"ensure_end" helper.

Signed-off-by: John Keeping <john@keeping.me.uk>
---
 shared.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'shared.c')

diff --git a/shared.c b/shared.c
index cc06930..1fa9c99 100644
--- a/shared.c
+++ b/shared.c
@@ -115,6 +115,21 @@ char *trim_end(const char *str, char c)
 	return xstrndup(str, len);
 }
 
+char *ensure_end(const char *str, char c)
+{
+	size_t len = strlen(str);
+	char *result;
+
+	if (len && str[len - 1] == c)
+		return xstrndup(str, len);
+
+	result = xmalloc(len + 2);
+	memcpy(result, str, len);
+	result[len] = '/';
+	result[len + 1] = '\0';
+	return result;
+}
+
 char *strlpart(char *txt, int maxlen)
 {
 	char *result;
-- 
cgit v1.2.1