| Message ID | dadcf96c06ffaf29abefc9adfc1450f399089549.1718050244.git.me@ttaylorr.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | e162aed591154612cbc646ab19808096d226fce5 |
| Headers | show |
| Series | midx: various brown paper bag fixes | expand |
diff --git a/pack-revindex.c b/pack-revindex.c index fc63aa76a2..93ffca7731 100644 --- a/pack-revindex.c +++ b/pack-revindex.c @@ -527,6 +527,9 @@ static int midx_key_to_pack_pos(struct multi_pack_index *m, { uint32_t *found; + if (key->pack >= m->num_packs) + BUG("MIDX pack lookup out of bounds (%"PRIu32" >= %"PRIu32")", + key->pack, m->num_packs); /* * The preferred pack sorts first, so determine its identifier by * looking at the first object in pseudo-pack order.
The function midx_key_to_pack_pos() is a helper function used by midx_to_pack_pos() and midx_pair_to_pack_pos() to translate a (pack, offset) tuple into a position into the MIDX pseudo-pack order. Ensure that the pack ID given to midx_pair_to_pack_pos() is bounded by the number of packs within the MIDX to prevent, for instance, uninitialized memory from being used as a pack ID. Signed-off-by: Taylor Blau <me@ttaylorr.com> --- pack-revindex.c | 3 +++ 1 file changed, 3 insertions(+)