Skip to content

Commit

Permalink
ssh-upload: prevent buffer overrun
Browse files Browse the repository at this point in the history 
Prevent a client from overrunning the on stack ref buffer.

Signed-off-by: Andy Whitcroft <apw@shadowen.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
  • Loading branch information
Andy Whitcroft authored and Junio C Hamano committed Jan 8, 2007
1 parent 4083c2f commit d677db8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ssh-upload.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ static int serve_ref(int fd_in, int fd_out)
int posn = 0;
signed char remote = 0;
do {
if (read(fd_in, ref + posn, 1) < 1)
if (posn >= PATH_MAX || read(fd_in, ref + posn, 1) < 1)
return -1;
posn++;
} while (ref[posn - 1]);
Expand Down

0 comments on commit d677db8

Please sign in to comment.