check patch_delta bounds more carefully

[git.git] / sha1_file.c

diff --git a/sha1_file.c b/sha1_file.c
index aa09b46..d8ef565 100644 (file)
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -804,10 +804,12 @@ static int packed_delta_info(unsigned char *base_sha1,
                 * the result size.
                 */
                data = delta_head;
-               get_delta_hdr_size(&data); /* ignore base size */
+
+               /* ignore base size */
+               get_delta_hdr_size(&data, delta_head+sizeof(delta_head));
 
                /* Read the result size */
-               result_size = get_delta_hdr_size(&data);
+               result_size = get_delta_hdr_size(&data, delta_head+sizeof(delta_head));
                *sizep = result_size;
        }
        return 0;