![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8b59007)
raw | patch | inline | side by side (parent: 8b59007)
| author | Julian Phillips <julian@quantumfyre.co.uk> | |
| Sat, 16 Jul 2011 18:23:51 +0000 (19:23 +0100) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Wed, 20 Jul 2011 22:51:55 +0000 (15:51 -0700) |
When parsing info/refs, no checks were applied that the file was in
the requried format. Since the file is read from a remote webserver,
this isn't guarenteed to be true. Add a check that the file at least
only contains lines that consist of 40 characters followed by a tab
and then the ref name.
Signed-off-by: Julian Phillips <julian@quantumfyre.co.uk>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
the requried format. Since the file is read from a remote webserver,
this isn't guarenteed to be true. Add a check that the file at least
only contains lines that consist of 40 characters followed by a tab
and then the ref name.
Signed-off-by: Julian Phillips <julian@quantumfyre.co.uk>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| remote-curl.c | patch | blob | history |
diff --git a/remote-curl.c b/remote-curl.c
index b5be25ce9623936e42566ca52b9e4d1d33153111..8ac5028343320b44b75c6945318fe5b328af81fd 100644 (file)
--- a/remote-curl.c
+++ b/remote-curl.c
if (data[i] == '\t')
mid = &data[i];
if (data[i] == '\n') {
+ if (mid - start != 40)
+ die("%sinfo/refs not valid: is this a git repository?", url);
data[i] = 0;
ref_name = mid + 1;
ref = xmalloc(sizeof(struct ref) +