diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2020-04-05 11:07:54 +0100 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2020-11-25 11:42:03 +0000 |
| commit | cb4bfbc99dffa7679f42cf8500931fa250bb7db3 (patch) | |
| tree | b3321a749eeba776074824d04f49fb47ddf978c1 /src/libgit2.c | |
| parent | a6dd58659d16207ec92a1f4d87ec620236ce4a23 (diff) | |
| download | libgit2-cb4bfbc99dffa7679f42cf8500931fa250bb7db3.tar.gz | |
buffer: git_buf_sanitize should return a value
`git_buf_sanitize` is called with user-input, and wants to sanity-check
that input. Allow it to return a value if the input was malformed in a
way that we cannot cope.
Diffstat (limited to 'src/libgit2.c')
| -rw-r--r-- | src/libgit2.c | 51 |
1 files changed, 29 insertions, 22 deletions
diff --git a/src/libgit2.c b/src/libgit2.c index 07414bec8..9e5112dbf 100644 --- a/src/libgit2.c +++ b/src/libgit2.c @@ -122,29 +122,28 @@ int git_libgit2_features(void) ; } -static int config_level_to_sysdir(int config_level) +static int config_level_to_sysdir(int *out, int config_level) { - int val = -1; - switch (config_level) { case GIT_CONFIG_LEVEL_SYSTEM: - val = GIT_SYSDIR_SYSTEM; - break; + *out = GIT_SYSDIR_SYSTEM; + return 0; case GIT_CONFIG_LEVEL_XDG: - val = GIT_SYSDIR_XDG; - break; + *out = GIT_SYSDIR_XDG; + return 0; case GIT_CONFIG_LEVEL_GLOBAL: - val = GIT_SYSDIR_GLOBAL; - break; + *out = GIT_SYSDIR_GLOBAL; + return 0; case GIT_CONFIG_LEVEL_PROGRAMDATA: - val = GIT_SYSDIR_PROGRAMDATA; - break; + *out = GIT_SYSDIR_PROGRAMDATA; + return 0; default: - git_error_set( - GIT_ERROR_INVALID, "invalid config path selector %d", config_level); + break; } - return val; + git_error_set( + GIT_ERROR_INVALID, "invalid config path selector %d", config_level); + return -1; } const char *git_libgit2__user_agent(void) @@ -190,12 +189,15 @@ int git_libgit2_opts(int key, ...) break; case GIT_OPT_GET_SEARCH_PATH: - if ((error = config_level_to_sysdir(va_arg(ap, int))) >= 0) { + { + int sysdir = va_arg(ap, int); git_buf *out = va_arg(ap, git_buf *); const git_buf *tmp; + int level; - git_buf_sanitize(out); - if ((error = git_sysdir_get(&tmp, error)) < 0) + if ((error = config_level_to_sysdir(&level, sysdir)) < 0 || + (error = git_buf_sanitize(out)) < 0 || + (error = git_sysdir_get(&tmp, level)) < 0) break; error = git_buf_sets(out, tmp->ptr); @@ -203,8 +205,12 @@ int git_libgit2_opts(int key, ...) break; case GIT_OPT_SET_SEARCH_PATH: - if ((error = config_level_to_sysdir(va_arg(ap, int))) >= 0) - error = git_sysdir_set(error, va_arg(ap, const char *)); + { + int level; + + if ((error = config_level_to_sysdir(&level, va_arg(ap, int))) >= 0) + error = git_sysdir_set(level, va_arg(ap, const char *)); + } break; case GIT_OPT_SET_CACHE_OBJECT_LIMIT: @@ -233,8 +239,8 @@ int git_libgit2_opts(int key, ...) git_buf *out = va_arg(ap, git_buf *); const git_buf *tmp; - git_buf_sanitize(out); - if ((error = git_sysdir_get(&tmp, GIT_SYSDIR_TEMPLATE)) < 0) + if ((error = git_buf_sanitize(out)) < 0 || + (error = git_sysdir_get(&tmp, GIT_SYSDIR_TEMPLATE)) < 0) break; error = git_buf_sets(out, tmp->ptr); @@ -303,7 +309,8 @@ int git_libgit2_opts(int key, ...) case GIT_OPT_GET_USER_AGENT: { git_buf *out = va_arg(ap, git_buf *); - git_buf_sanitize(out); + if ((error = git_buf_sanitize(out)) < 0) + break; error = git_buf_sets(out, git__user_agent); } break; |