
packfile.c: use checked arithmetic in `nth_packed_object_offset()`

In a similar spirit as the previous commits, ensure that we use
`st_add()` or `st_mult()` when computing values that may overflow the
32-bit unsigned limit.

Note that in each of these instances, we prevent 32-bit overflow
already since we have explicit casts to `size_t`.

So this code is OK as-is, but let's clarify it by using the `st_xyz()`
helpers to make it obvious that we are performing the relevant
computations using 64 bits.

Signed-off-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Taylor Blau 2023-07-12 19:37:32 -04:00 committed by Junio C Hamano
parent 42be681b33
commit a519abca02


@ -1948,14 +1948,15 @@ off_t nth_packed_object_offset(const struct packed_git *p, uint32_t n)
const unsigned int hashsz = the_hash_algo->rawsz; const unsigned int hashsz = the_hash_algo->rawsz;
index += 4 * 256; index += 4 * 256;
if (p->index_version == 1) { if (p->index_version == 1) {
return ntohl(*((uint32_t *)(index + (hashsz + 4) * (size_t)n))); return ntohl(*((uint32_t *)(index + st_mult(hashsz + 4, n))));
} else { } else {
uint32_t off; uint32_t off;
index += 8 + (size_t)p->num_objects * (hashsz + 4); index += st_add(8, st_mult(p->num_objects, hashsz + 4));
off = ntohl(*((uint32_t *)(index + 4 * n))); off = ntohl(*((uint32_t *)(index + st_mult(4, n))));
if (!(off & 0x80000000)) if (!(off & 0x80000000))
return off; return off;
index += (size_t)p->num_objects * 4 + (off & 0x7fffffff) * 8; index += st_add(st_mult(p->num_objects, 4),
st_mult(off & 0x7fffffff, 8));
check_pack_index_ptr(p, index); check_pack_index_ptr(p, index);
return get_be64(index); return get_be64(index);
} }
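Review bot: The two 32-bit table reads, `index + st_mult(hashsz + 4, n)` in the version-1 branch and `index + st_mult(4, n)` in the version-2 branch, are still dereferenced without a bounds check against the mapped index. `st_mult()` only catches a `size_t` wrap, and only the 64-bit offset path goes through `check_pack_index_ptr()`. The function body begins above the hunk, so `n` may already be validated there or by callers; if so, record it next to the reads with a comment such as `/* n < p->num_objects is guaranteed by the caller; st_mult() guards only against size_t wrap, not against reading past the index */`. Separately, the old `4 * n` and `(off & 0x7fffffff) * 8` carried no `size_t` cast, so where `unsigned int` is 32 bits they were evaluated in 32-bit arithmetic. For those two expressions the change therefore looks like a behavioural fix for a malformed `.idx` rather than a pure clarification.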