# HG changeset patch
# User Boris Feld <boris.feld@octobus.net>
# Date 1543188069 -3600
# Node ID 959130631de35d4332ddc17db70939d448838a5e
# Parent  30d878cb102d1be3db236cf61b7e62e544d7b6d6
revlog: properly detect corrupted revlog in `index_get_length`

Pointed out by Yuya Nishihara.

diff -r 30d878cb102d -r 959130631de3 mercurial/cext/revlog.c
--- a/mercurial/cext/revlog.c	Mon Nov 26 00:15:12 2018 +0100
+++ b/mercurial/cext/revlog.c	Mon Nov 26 00:21:09 2018 +0100
@@ -242,7 +242,14 @@
 		return (int)ret;
 	} else {
 		const char *data = index_deref(self, rev);
-		return (int)getbe32(data + 8);
+		int tmp = (int)getbe32(data + 8);
+		if (tmp < 0) {
+			PyErr_Format(PyExc_OverflowError,
+			             "revlog entry size out of bound (%d)",
+			             tmp);
+			return -1;
+		}
+		return tmp;
 	}
 }