Junio C Hamano wrote:
> Ramsay Jones <ram...@ramsay1.demon.co.uk> writes:
>> The current implementation of git_path() is essentially the same as
>> that of vsnpath(), with two minor differences. First, git_path()
>> currently insists that the git directory path is no longer than
>> PATH_MAX-100 characters in length. However, vsnpath() does not
>> attempt this arbitrary 100 character reservation for the remaining
>> path components. Second, vsnpath() uses the "is_dir_sep()" macro,
>> rather than comparing directly to '/', to determine if the git_dir
>> path component ends with a path separator.
>> In order to benefit from the above improvements,...
> In the longer term, I think this goes in the right direction, but
> the loss of reservation, especially when we know git_path() is used
> by some callers to get the base directory in $GIT_DIR that want to
> append stuff after the returned directory path to form the final
> pathname, is a bit worrysome.  It may be hiding a bug (lack of
> proper limit check) on the callers' side.

Hmm, at first I could not see what you found worrysome here.
After all, the number of inputs which leads to success (i.e. does
not result in an "/bad-path/" return) has been *increased* with
this patch.

However, I suppose you are concerned about something like this:

    char *git_dir = git_path("");
    if (strcmp(git_dir, "/bad-path/") != 0) {
         * Having studied the implementation of git_path(), I know
         * that the buffer pointed to by git_dir has space for an
         * additional 100 chars. This is enough room to concatenate
         * the doberry path, so this is safe ...
        strcat(git_dir, doberry); /* oops */


Hmm, yes it would be a little disapointing to see such parasitic code!

You said above: "... especially when we know git_path() is used
by some callers to get the base directory in $GIT_DIR ...". Can you
point me to an example of such a caller; I have been unable to find
any code which does this.

Ramsay Jones

To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to