Fix out-of-bounds memory accesses with virtual_root="" The CGit configuration variable virtual_root is normalized so that it does not have a trailing '/' character, but it is allowed to be empty (the empty string and NULL have different meanings here) and there is code that is insufficiently cautious when checking if it ends in a '/': if (virtual_root[strlen(virtual_root) - 1] != '/') Clearly this check is redundant, but rather than simply removing it we get a slight efficiency improvement by switching the normalization so that the virtual_root variable always ends in '/'. Do this with a new "ensure_end" helper. Signed-off-by: John Keeping <john@keeping.me.uk>

commit: b1f17f168b91d709c0c0e62608de301a36f06da9 [log] [tgz]
author: John Keeping <john@keeping.me.uk> Mon Apr 01 19:03:34 2013 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> Mon Apr 08 15:59:46 2013 +0200
tree: 9aff1fe903087cb5016ab2afdb32a7ca1cc139b2
parent: 4b4a62d507adc61e20e75e2748301ef307a6c95f [diff] [blame]
diff --git a/shared.c b/shared.c
index cc06930..1fa9c99 100644
--- a/shared.c
+++ b/shared.c

@@ -115,6 +115,21 @@
 	return xstrndup(str, len);
 }
 
+char *ensure_end(const char *str, char c)
+{
+	size_t len = strlen(str);
+	char *result;
+
+	if (len && str[len - 1] == c)
+		return xstrndup(str, len);
+
+	result = xmalloc(len + 2);
+	memcpy(result, str, len);
+	result[len] = '/';
+	result[len + 1] = '\0';
+	return result;
+}
+
 char *strlpart(char *txt, int maxlen)
 {
 	char *result;
commit	b1f17f168b91d709c0c0e62608de301a36f06da9	[log] [tgz]
author	John Keeping <john@keeping.me.uk>	Mon Apr 01 19:03:34 2013 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	Mon Apr 08 15:59:46 2013 +0200
tree	9aff1fe903087cb5016ab2afdb32a7ca1cc139b2
parent	4b4a62d507adc61e20e75e2748301ef307a6c95f [diff] [blame]