From: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Date: Sat, 16 Mar 2013 01:25:18 +0000 (+0700)
Subject: index-pack: fix buffer overflow caused by translations
X-Git-Tag: v1.8.1.6~13^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5c3459fc61c035420c90b7d73e23242493be6cbd;p=git

index-pack: fix buffer overflow caused by translations

The translation of "completed with %d local objects" is put in a
48-byte buffer, which may be enough for English but not true for any
translations. Convert it to use strbuf (i.e. no hard limit on
translation length).

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

diff --git a/builtin/index-pack.c b/builtin/index-pack.c
index 43d364b8d5..ef62124aa4 100644
--- a/builtin/index-pack.c
+++ b/builtin/index-pack.c
@@ -1099,7 +1099,7 @@ static void conclude_pack(int fix_thin_pack, const char *curr_pack, unsigned cha
 	if (fix_thin_pack) {
 		struct sha1file *f;
 		unsigned char read_sha1[20], tail_sha1[20];
-		char msg[48];
+		struct strbuf msg = STRBUF_INIT;
 		int nr_unresolved = nr_deltas - nr_resolved_deltas;
 		int nr_objects_initial = nr_objects;
 		if (nr_unresolved <= 0)
@@ -1109,9 +1109,10 @@ static void conclude_pack(int fix_thin_pack, const char *curr_pack, unsigned cha
 				   * sizeof(*objects));
 		f = sha1fd(output_fd, curr_pack);
 		fix_unresolved_deltas(f, nr_unresolved);
-		sprintf(msg, _("completed with %d local objects"),
-			nr_objects - nr_objects_initial);
-		stop_progress_msg(&progress, msg);
+		strbuf_addf(&msg, _("completed with %d local objects"),
+			    nr_objects - nr_objects_initial);
+		stop_progress_msg(&progress, msg.buf);
+		strbuf_release(&msg);
 		sha1close(f, tail_sha1, 0);
 		hashcpy(read_sha1, pack_sha1);
 		fixup_pack_header_footer(output_fd, pack_sha1,