Commit 65bb21e7 authored by Eric Sunshine, committed by Junio C Hamano

color: protect against out-of-bounds reads and writes

want_color_fd() is designed to work only with standard output and
error file descriptors and stores information about each descriptor in
an array. However, it doesn't verify that the passed-in descriptor
lives within that set, which, with a buggy caller, could lead to
access or assignment outside the array bounds.

Signed-off-by: Eric Sunshine <sunshine@sunshineco.com>
Acked-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
parent 53f9a3e1
......@@ -343,6 +343,9 @@ int want_color_fd(int fd, int var)
static int want_auto[3] = { -1, -1, -1 };
if (fd < 1 || fd >= ARRAY_SIZE(want_auto))
BUG("file descriptor out of range: %d", fd);
if (var < 0)
var = git_use_color_default;
......
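Review bot: The new check `if (fd < 1 || fd >= ARRAY_SIZE(want_auto))` relies on an assumption that is not written down next to it: the lower bound of 1 and the three-element `want_auto` together mean only descriptors 1 and 2 are accepted, and slot 0 of the array is never used. A short comment above the check saying that only standard output and standard error are valid here, as the commit message does, would make the intent clear and keep a later change to the array size from silently widening the accepted range. Naming the bounds with STDOUT_FILENO and STDERR_FILENO instead of the literal 1 would serve the same purpose.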