mirror/git
1
0
Fork 0
mirror of https://github.com/git/git.git synced 2024-10-20 14:39:10 +02:00
Code
89ccc1b09c
git/builtin
History
John Keeping 89ccc1b09c builtin/mv: fix out of bounds write 
When commit a88c915 (mv: move submodules using a gitfile, 2013-07-30)
added the submodule_gitfile array, it was not added to the block that
enlarges the arrays when we are moving a directory so that we do not
have to worry about it being a directory when we perform the actual
move.  After this, the loop continues over the enlarged set of sources.

Since we assume that submodule_gitfile has size argc, if any of the
items in the source directory are submodules we are guaranteed to write
beyond the end of submodule_gitfile.

Fix this by realloc'ing submodule_gitfile at the same time as the other
arrays.

Reported-by: Guillaume Gelin <contact@ramnes.eu>
Signed-off-by: John Keeping <john@keeping.me.uk>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-03-11 14:44:21 -07:00
..
add.c add: don't complain when adding empty project root 2013-12-26 10:46:26 -08:00
annotate.c
apply.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
archive.c
bisect--helper.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
blame.c Remove the line length limit for graft files 2013-12-27 16:46:25 -08:00
branch.c Merge branch 'jx/branch-vv-always-compare-with-upstream' 2013-11-18 12:24:49 -08:00
bundle.c
cat-file.c cat-file: handle --batch format with missing type/size 2013-12-12 11:31:25 -08:00
check-attr.c Merge branch 'sb/parseopt-boolean-removal' 2013-09-04 12:39:03 -07:00
check-ignore.c Merge branch 'dw/check-ignore-sans-index' 2013-09-20 12:37:32 -07:00
check-mailmap.c builtin: add git-check-mailmap command 2013-07-13 10:19:37 -07:00
check-ref-format.c
checkout-index.c Merge branch 'nd/lift-path-max' 2013-10-30 12:10:56 -07:00
checkout.c Merge branch 'mm/checkout-auto-track-fix' into maint 2013-11-07 14:36:59 -08:00
clean.c Merge branch 'jl/submodule-mv' 2013-09-09 14:36:15 -07:00
clone.c Merge branch 'nd/transport-positive-depth-only' into maint 2014-02-05 13:58:52 -08:00
column.c
commit-tree.c
commit.c commit -v: strip diffs and submodule shortlogs from the commit message 2013-12-05 14:39:11 -08:00
config.c Merge branch 'jk/config-int-range-check' 2013-09-12 14:41:00 -07:00
count-objects.c
credential.c
describe.c describe: trivial style fixes 2013-10-31 13:47:35 -07:00
diff-files.c convert read_cache_preload() to take struct pathspec 2013-07-15 10:56:08 -07:00
diff-index.c convert read_cache_preload() to take struct pathspec 2013-07-15 10:56:08 -07:00
diff-tree.c
diff.c Merge branch 'nd/magic-pathspec' into maint 2013-12-17 11:21:34 -08:00
fast-export.c Merge branch 'fc/fast-export' 2013-09-17 11:42:31 -07:00
fetch-pack.c git fetch-pack: add --diag-url 2013-12-09 14:54:47 -08:00
fetch.c Merge branch 'nd/transport-positive-depth-only' into maint 2014-02-05 13:58:52 -08:00
fmt-merge-msg.c
for-each-ref.c for-each-ref: remove unused variable 2013-12-30 12:23:51 -08:00
fsck.c Merge branch 'jk/free-tree-buffer' 2013-09-17 11:37:33 -07:00
gc.c gc: notice gc processes run by other users 2014-01-02 16:15:29 -08:00
grep.c Merge branch 'mg/more-textconv' 2013-10-23 13:21:31 -07:00
hash-object.c hash-object: replace stdin parsing OPT_BOOLEAN by OPT_COUNTUP 2013-08-07 08:30:55 -07:00
help.c Merge branch 'ph/builtin-srcs-are-in-subdir-these-days' into maint 2013-07-21 22:51:29 -07:00
index-pack.c Merge branch 'jk/free-tree-buffer' 2013-09-17 11:37:33 -07:00
init-db.c
log.c Merge branch 'mg/more-textconv' 2013-10-23 13:21:31 -07:00
ls-files.c Merge branch 'jc/ls-files-killed-optim' into maint 2013-10-23 13:33:08 -07:00
ls-remote.c
ls-tree.c Merge branch 'jl/submodule-mv' 2013-09-09 14:36:15 -07:00
mailinfo.c
mailsplit.c
merge-base.c Merge branch 'bm/merge-base-octopus-dedup' into maint 2014-02-13 13:38:59 -08:00
merge-file.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
merge-index.c Convert "struct cache_entry *" to "const ..." wherever possible 2013-07-09 09:12:48 -07:00
merge-ours.c
merge-recursive.c
merge-tree.c
merge.c merge: simplify ff-only option 2013-10-31 11:12:24 -07:00
mktag.c
mktree.c
mv.c builtin/mv: fix out of bounds write 2014-03-11 14:44:21 -07:00
name-rev.c branch, commit, name-rev: ease up boolean conditions 2013-08-07 08:30:30 -07:00
notes.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
pack-objects.c Merge branch 'jc/pack-objects' 2013-10-23 13:21:26 -07:00
pack-redundant.c
pack-refs.c
patch-id.c
prune-packed.c
prune.c Merge branch 'nd/prune-packed-dryrun-verbose' 2013-06-06 12:17:52 -07:00
push.c Merge branch 'nd/push-no-thin' 2013-09-11 14:56:59 -07:00
read-tree.c C: have space around && and || operators 2013-10-16 10:26:39 -07:00
receive-pack.c Merge branch 'bk/refs-multi-update' 2013-09-20 12:36:12 -07:00
reflog.c Merge branch 'bk/refs-multi-update' 2013-09-20 12:36:12 -07:00
remote-ext.c
remote-fd.c
remote.c Merge branch 'po/remote-set-head-usage' 2013-10-14 11:07:29 -07:00
repack.c Merge branch 'sb/repack-in-c' into maint 2014-02-13 13:38:09 -08:00
replace.c Merge branch 'cc/replace-with-the-same-type' 2013-09-24 23:35:24 -07:00
rerere.c rerere: convert to use parse_pathspec 2013-07-15 10:56:07 -07:00
reset.c reset: pass real rev name to add--interactive 2013-10-25 14:54:18 -07:00
rev-list.c C: have space around && and || operators 2013-10-16 10:26:39 -07:00
rev-parse.c rev-parse: be more careful with munging arguments 2013-12-09 14:39:16 -08:00
revert.c Merge branch 'hu/cherry-pick-previous-branch' 2013-10-23 13:21:35 -07:00
rm.c rm: re-use parse_pathspec's trailing-slash removal 2013-09-13 12:37:35 -07:00
send-pack.c send-pack: fix parsing of --force-with-lease option 2013-08-02 16:07:45 -07:00
shortlog.c Merge branch 'jk/shortlog-tolerate-broken-commit' into maint 2013-10-28 10:17:31 -07:00
show-branch.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
show-ref.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
stripspace.c builtin/stripspace.c: fix broken indentation 2013-09-06 13:33:17 -07:00
symbolic-ref.c C: have space around && and || operators 2013-10-16 10:26:39 -07:00
tag.c Merge branch 'bk/refs-multi-update' 2013-09-20 12:36:12 -07:00
tar-tree.c tar-tree: remove dependency on sq_quote_print() 2013-07-30 08:10:35 -07:00
unpack-file.c
unpack-objects.c
update-index.c Merge branch 'jl/submodule-mv' 2013-09-09 14:36:15 -07:00
update-ref.c Merge branch 'bk/refs-multi-update' 2013-09-20 12:36:12 -07:00
update-server-info.c
upload-archive.c
var.c
verify-pack.c
verify-tag.c
write-tree.c