From: Junio C Hamano <gitster@pobox.com>
Date: Fri, 4 Mar 2016 21:45:46 +0000 (-0800)
Subject: Merge branch 'jk/pack-idx-corruption-safety'
X-Git-Tag: v2.8.0-rc1~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=090de6b289ff2d9fc1c82ef85069bd6cba296d63;p=thirdparty%2Fgit.git

Merge branch 'jk/pack-idx-corruption-safety'

The code to read the pack data using the offsets stored in the pack
idx file has been made more carefully check the validity of the
data in the idx.

* jk/pack-idx-corruption-safety:
  sha1_file.c: mark strings for translation
  use_pack: handle signed off_t overflow
  nth_packed_object_offset: bounds-check extended offset
  t5313: test bounds-checks of corrupted/malicious pack/idx files
---

090de6b289ff2d9fc1c82ef85069bd6cba296d63
diff --cc cache.h
index d7ff46ec4a,6c9aaa1ae6..b829410f6d
--- a/cache.h
+++ b/cache.h
@@@ -1367,8 -1234,18 +1367,18 @@@ extern void close_all_packs(void)
  extern void unuse_pack(struct pack_window **);
  extern void free_pack_by_name(const char *);
  extern void clear_delta_base_cache(void);
 -extern struct packed_git *add_packed_git(const char *, int, int);
 +extern struct packed_git *add_packed_git(const char *path, size_t path_len, int local);
  
+ /*
+  * Make sure that a pointer access into an mmap'd index file is within bounds,
+  * and can provide at least 8 bytes of data.
+  *
+  * Note that this is only necessary for variable-length segments of the file
+  * (like the 64-bit extended offset table), as we compare the size to the
+  * fixed-length parts when we open the file.
+  */
+ extern void check_pack_index_ptr(const struct packed_git *p, const void *ptr);
+ 
  /*
   * Return the SHA-1 of the nth object within the specified packfile.
   * Open the index if it is not already open.  The return value points