When we generate relative names (e.g., master~20^2), we
format the name into a static buffer, then xstrdup the
result to attach it to the commit. Since the first thing we
add into the static buffer is the already-computed name of
the child commit, the names may get longer and longer as
the
Jeff King wrote:
When we generate relative names (e.g., master~20^2), we
format the name into a static buffer, then xstrdup the
result to attach it to the commit. Since the first thing we
add into the static buffer is the already-computed name of
the child commit, the names may get longer
On Fri, Apr 05, 2013 at 04:49:15PM -0700, Jonathan Nieder wrote:
Though this is a stack overflow, I don't know that it's exploitable for
anything interesting; an attacker does not get to write arbitrary data,
but rather only a sequence of ^%d and ~%d relative history markers.
Perhaps in
3 matches
Mail list logo