Avoid overflowing name buffer in deep directory structures

This just makes sure that when we do a read_directory(), we check
that the filename fits in the buffer we allocated (with a bit of
slop)

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>

diff --git a/dir.c b/dir.c
index 7426fde330a200e3137e722c4b9adbc5ce6bdd90..4f5a2241e6db2c973ea14a58fd25582fcbddee75 100644 (file)
--- a/dir.c
+++ b/dir.c
@@ -353,6 +353,9 @@ static int read_directory_recursive(struct dir_struct *dir, const char *path, co
                             !strcmp(de->d_name + 1, "git")))
                                continue;
                        len = strlen(de->d_name);
+                       /* Ignore overly long pathnames! */
+                       if (len + baselen + 8 > sizeof(fullname))
+                               continue;
                        memcpy(fullname + baselen, de->d_name, len+1);
                        if (simplify_away(fullname, baselen + len, simplify))
                                continue;