Fix potentially dangerous use of git_path in ref.c

Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-mirror · Oct 31, 2008 · 958a478 · 958a478
1 parent fe2d777
commit 958a478
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/refs.c b/refs.c
@@ -401,14 +401,15 @@ const char *resolve_ref(const char *ref, unsigned char *sha1, int reading, int *
 		*flag = 0;
 
 	for (;;) {
-		const char *path = git_path("%s", ref);
+		char path[PATH_MAX];
 		struct stat st;
 		char *buf;
 		int fd;
 
 		if (--depth < 0)
 			return NULL;
 
+		git_snpath(path, sizeof(path), "%s", ref);
 		/* Special case: non-existing file.
 		 * Not having the refs/heads/new-branch is OK
 		 * if we are writing into it, so is .git/HEAD
@@ -1121,13 +1122,14 @@ static int log_ref_write(const char *ref_name, const unsigned char *old_sha1,
 	int logfd, written, oflags = O_APPEND | O_WRONLY;
 	unsigned maxlen, len;
 	int msglen;
-	char *log_file, *logrec;
+	char log_file[PATH_MAX];
+	char *logrec;
 	const char *committer;
 
 	if (log_all_ref_updates < 0)
 		log_all_ref_updates = !is_bare_repository();
 
-	log_file = git_path("logs/%s", ref_name);
+	git_snpath(log_file, sizeof(log_file), "logs/%s", ref_name);
 
 	if (log_all_ref_updates &&
 	    (!prefixcmp(ref_name, "refs/heads/") ||