diff options
author | Taylor Blau <me@ttaylorr.com> | 2023-07-12 19:38:11 -0400 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2023-07-14 09:32:03 -0700 |
commit | 19565d093d248ba4c2330d96314a547feed41112 (patch) | |
tree | ce0b225223beedb53dc6243b72a636bd0b8b9185 /commit-graph.c | |
parent | 51c31a6408c1eae3ad6c2f78ec136c1b415cad72 (diff) | |
download | git-19565d093d248ba4c2330d96314a547feed41112.tar.gz |
commit-graph.c: prevent overflow in `split_graph_merge_strategy()`
In a similar spirit as previous commits, ensure that we don't overflow
when choosing how to split and merge different layers of the
commit-graph.
In particular, avoid a potential overflow between `size_mult` and
`num_commits`, as well as a potential overflow between the number of
commits currently in the merged graph, and the number of commits in the
graph about to be merged.
Signed-off-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'commit-graph.c')
-rw-r--r-- | commit-graph.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/commit-graph.c b/commit-graph.c index 08d773567f..d9795e3aa4 100644 --- a/commit-graph.c +++ b/commit-graph.c @@ -2112,11 +2112,16 @@ static void split_graph_merge_strategy(struct write_commit_graph_context *ctx) if (flags != COMMIT_GRAPH_SPLIT_MERGE_PROHIBITED && flags != COMMIT_GRAPH_SPLIT_REPLACE) { - while (g && (g->num_commits <= size_mult * num_commits || + while (g && (g->num_commits <= st_mult(size_mult, num_commits) || (max_commits && num_commits > max_commits))) { if (g->odb != ctx->odb) break; + if (unsigned_add_overflows(num_commits, g->num_commits)) + die(_("cannot merge graphs with %"PRIuMAX", " + "%"PRIuMAX" commits"), + (uintmax_t)num_commits, + (uintmax_t)g->num_commits); num_commits += g->num_commits; g = g->base_graph; |