Commits

Pavel Roskin committed f4a1106

sanity check in add_packed_git()

add_packed_git() tries to get the pack SHA1 by parsing its name. It may
access uninitialized memory for packs with short names.

Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>

Comments (0)

Files changed (1)

 	p->pack_last_used = 0;
 	p->pack_use_cnt = 0;
 	p->pack_local = local;
-	if (!get_sha1_hex(path + path_len - 40 - 4, sha1))
+	if ((path_len > 44) && !get_sha1_hex(path + path_len - 44, sha1))
 		memcpy(p->sha1, sha1, 20);
 	return p;
 }