Skip to content

Commit

Permalink
mailmap: avoid out-of-bounds memory access
Browse files Browse the repository at this point in the history 
AddressSanitizer (http://clang.llvm.org/docs/AddressSanitizer.html)
complains of a one-byte buffer underflow in parse_name_and_email() while
running the test suite. And indeed, if one of the lines in the mailmap
begins with '<', we dereference the address just before the beginning of
the buffer when looking for whitespace to remove, before checking that
we aren't going too far.

So reverse the order of the tests to make sure that we don't read
outside the buffer.

Signed-off-by: Romain Francoise <romain@orebokech.com>
Signed-off-by: Jeff King <peff@peff.net>
  • Loading branch information
Romain Francoise authored and Jeff King committed Oct 28, 2012
1 parent 7e20105 commit 3174bc5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion mailmap.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ static char *parse_name_and_email(char *buffer, char **name,
while (isspace(*nstart) && nstart < left)
++nstart;
nend = left-1;
while (isspace(*nend) && nend > nstart)
while (nend > nstart && isspace(*nend))
--nend;

*name = (nstart < nend ? nstart : NULL);
Expand Down

0 comments on commit 3174bc5

Please sign in to comment.