Mercurial Mercurial > hg / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
revlog: properly detect corrupted revlog in `index_get_length`
authorBoris Feld <boris.feld@octobus.net>
Mon, 26 Nov 2018 00:21:09 +0100
changeset 40741 959130631de3
parent 40740 30d878cb102d
child 40742 8edca70dc951
revlog: properly detect corrupted revlog in `index_get_length` Pointed out by Yuya Nishihara.
mercurial/cext/revlog.c file | annotate | diff | comparison | revisions 
--- a/mercurial/cext/revlog.c	Mon Nov 26 00:15:12 2018 +0100
+++ b/mercurial/cext/revlog.c	Mon Nov 26 00:21:09 2018 +0100
@@ -242,7 +242,14 @@
 		return (int)ret;
 	} else {
 		const char *data = index_deref(self, rev);
-		return (int)getbe32(data + 8);
+		int tmp = (int)getbe32(data + 8);
+		if (tmp < 0) {
+			PyErr_Format(PyExc_OverflowError,
+			             "revlog entry size out of bound (%d)",
+			             tmp);
+			return -1;
+		}
+		return tmp;
 	}
 }
Mercurial