Tree
- Tree:
a94090fcb23b625c17d787aa7138efd049edcbb3
- Date:
- Message:
- fix a size_t multiplication overflow in diff_meyrs.c Found on an OpenBSD armv7 machine running Got regression tests: test_status_shows_no_mods_after_complete_merge Segmentation fault (core dumped) The problematic multiplication is kd_len * kd_len in diff_algo_myers() with kd_len set to 65537. (gdb) p (int)(65537 * 65537) $64 = 131073 (gdb) p (int)(65537 + 65537) $65 = 131074 (gdb) p (unsigned int)(size_t)(-1) $68 = 4294967295 (gdb) p (4294967295 / kd_len) $71 = 65535 Detect such overflow and run the fallback diff algorithm instead.
arraylist.h | commits | blame |
diff_main.h | commits | blame |
diff_output.h | commits | blame |