PackIndexV2 should check for possible corruption

Change-Id: I1803ec6d8141f07dd4085778da6461abe81c30a9
Signed-off-by: Marc Strapetz <marc.strapetz@syntevo.com>

org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties

@@ -244,6 +244,7 @@ illegalStateExists=exists {0}
 improperlyPaddedBase64Input=Improperly padded Base64 input.
 incorrectHashFor=Incorrect hash for {0}; computed {1} as a {2} from {3} bytes.
 incorrectOBJECT_ID_LENGTH=Incorrect OBJECT_ID_LENGTH.
+indexFileCorruptedNegativeBucketCount=Invalid negative bucket count read from pack v2 index file: {0}
 indexFileIsInUse=Index file is in use
 indexFileIsTooLargeForJgit=Index file is too large for jgit
 indexSignatureIsInvalid=Index signature is invalid: {0}

org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java

@@ -303,6 +303,7 @@ public class JGitText extends TranslationBundle {
 	/***/ public String improperlyPaddedBase64Input;
 	/***/ public String incorrectHashFor;
 	/***/ public String incorrectOBJECT_ID_LENGTH;
+	/***/ public String indexFileCorruptedNegativeBucketCount;
 	/***/ public String indexFileIsInUse;
 	/***/ public String indexFileIsTooLargeForJgit;
 	/***/ public String indexSignatureIsInvalid;

org.eclipse.jgit/src/org/eclipse/jgit/internal/storage/file/PackIndexV2.java

@@ -45,6 +45,7 @@ package org.eclipse.jgit.internal.storage.file;
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.text.MessageFormat;
 import java.util.Arrays;
 import java.util.Iterator;
 import java.util.NoSuchElementException;
@@ -113,7 +114,10 @@ class PackIndexV2 extends PackIndex {
 				offset32[k] = NO_BYTES;
 				crc32[k] = NO_BYTES;
 				continue;
-			}
+			} else if (bucketCnt < 0)
+				throw new IOException(MessageFormat.format(
+						JGitText.get().indexFileCorruptedNegativeBucketCount,
+						Long.valueOf(bucketCnt)));
 
 			final long nameLen = bucketCnt * Constants.OBJECT_ID_LENGTH;
 			if (nameLen > Integer.MAX_VALUE - 8) // see http://stackoverflow.com/a/8381338