mailmap: avoid out-of-bounds memory access
authorRomain Francoise <romain@orebokech.com>
Sat, 27 Oct 2012 22:49:55 +0000 (00:49 +0200)
committerJeff King <peff@peff.net>
Sun, 28 Oct 2012 11:50:18 +0000 (07:50 -0400)
AddressSanitizer (http://clang.llvm.org/docs/AddressSanitizer.html)
complains of a one-byte buffer underflow in parse_name_and_email() while
running the test suite. And indeed, if one of the lines in the mailmap
begins with '<', we dereference the address just before the beginning of
the buffer when looking for whitespace to remove, before checking that
we aren't going too far.

So reverse the order of the tests to make sure that we don't read
outside the buffer.

Signed-off-by: Romain Francoise <romain@orebokech.com>
Signed-off-by: Jeff King <peff@peff.net>
mailmap.c

index 47aa41924507f7603aab5e35abb51b3956a33dad..ea4b471edeb5ca9b29a8138f6f831a5e6a15a9e8 100644 (file)
--- a/mailmap.c
+++ b/mailmap.c
@@ -118,7 +118,7 @@ static char *parse_name_and_email(char *buffer, char **name,
        while (isspace(*nstart) && nstart < left)
                ++nstart;
        nend = left-1;
-       while (isspace(*nend) && nend > nstart)
+       while (nend > nstart && isspace(*nend))
                --nend;
 
        *name = (nstart < nend ? nstart : NULL);