Fossil

Check-in [6013aea0]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a bug in the manifest parser that can cause a read off the end of a buffer when doing a "fossil rebuild" on a repository that contains artifacts that start out looking like a valid special artifact but are not terminated by \n. This fixes a bug introduced by check-in [49b0ff15922674].
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 6013aea0c2a5e32ceac5b07992f03e7a7ad4148c
User & Date: drh 2016-01-01 20:49:26.184
Context
2016-01-05
04:52
Update the built-in SQLite to the next 3.10.0 beta. ... (check-in: cd58f59a user: drh tags: trunk)
2016-01-01
20:49
Fix a bug in the manifest parser that can cause a read off the end of a buffer when doing a "fossil rebuild" on a repository that contains artifacts that start out looking like a valid special artifact but are not terminated by \n. This fixes a bug introduced by check-in [49b0ff15922674]. ... (check-in: 6013aea0 user: drh tags: trunk)
17:30
Update the built-in SQLite to the second beta for 3.10.0. ... (check-in: 987a80ef user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/manifest.c.
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394

  /* Every control artifact ends with a '\n' character.  Exit early
  ** if that is not the case for this artifact.
  */
  if( !isRepeat ) g.parseCnt[0]++;
  z = blob_materialize(pContent);
  n = blob_size(pContent);
  if( pErr && (n<=0 || z[n-1]!='\n') ){
    blob_reset(pContent);
    blob_append(pErr, n ? "not terminated with \\n" : "zero-length", -1);
    return 0;
  }

  /* Strip off the PGP signature if there is one.
  */
  remove_pgp_signature(&z, &n);








|

|







378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394

  /* Every control artifact ends with a '\n' character.  Exit early
  ** if that is not the case for this artifact.
  */
  if( !isRepeat ) g.parseCnt[0]++;
  z = blob_materialize(pContent);
  n = blob_size(pContent);
  if( n<=0 || z[n-1]!='\n' ){
    blob_reset(pContent);
    blob_appendf(pErr, "%s", n ? "not terminated with \\n" : "zero-length");
    return 0;
  }

  /* Strip off the PGP signature if there is one.
  */
  remove_pgp_signature(&z, &n);