
git-remote: do not use user input in a printf format string
authorJohannes Sixt <johannes.sixt@telecom.at>
Mon, 22 Sep 2008 11:03:25 +0000 (13:03 +0200)
committerJunio C Hamano <gitster@pobox.com>
Mon, 22 Sep 2008 16:35:58 +0000 (09:35 -0700)
'git remote show' substituted the remote name into a string that was later
used as a printf format string. If a remote name contains a printf format
specifier like this:

   $ git remote add foo%sbar .

then the command

   $ git remote show foo%sbar

would print garbage (if you are lucky) or crash. This fixes it.

Signed-off-by: Johannes Sixt <johannes.sixt@telecom.at>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
builtin-remote.c

index 01945a8651c9a42f19fba850036ed2a1339675f1..4cb763f989fc987d94141ed763223cb361cec44a 100644 (file)
@@ -407,14 +407,15 @@ static int rm(int argc, const char **argv)
        return i;
 }
 
-static void show_list(const char *title, struct string_list *list)
+static void show_list(const char *title, struct string_list *list,
+                     const char *extra_arg)
 {
        int i;
 
        if (!list->nr)
                return;
 
-       printf(title, list->nr > 1 ? "es" : "");
+       printf(title, list->nr > 1 ? "es" : "", extra_arg);
        printf("\n    ");
        for (i = 0; i < list->nr; i++)
                printf("%s%s", i ? " " : "", list->items[i].string);
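Review bot: `title` is still passed to printf as a non-literal format string in show_list, so the compiler cannot check it against the two arguments, and the function's safety now rests on an unwritten rule that every caller passes a string literal. The callers in show() in the last hunk follow that rule today, two of them passing `""` for a conversion their format does not contain, which printf ignores. I would write the contract down above the function, for example `/* title is a printf format: a literal with at most two %s, first the plural suffix, then extra_arg; never build it from user data */`. The body of show_list continues past the end of this hunk.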
@@ -477,7 +478,6 @@ static int show(int argc, const char **argv)
 
        memset(&states, 0, sizeof(states));
        for (; argc; argc--, argv++) {
-               struct strbuf buf;
                int i;
 
                get_remote_ref_states(*argv, &states, !no_query);
@@ -503,18 +503,16 @@ static int show(int argc, const char **argv)
                }
 
                if (!no_query) {
-                       strbuf_init(&buf, 0);
-                       strbuf_addf(&buf, "  New remote branch%%s (next fetch "
-                               "will store in remotes/%s)", states.remote->name);
-                       show_list(buf.buf, &states.new);
-                       strbuf_release(&buf);
+                       show_list("  New remote branch%s (next fetch "
+                               "will store in remotes/%s)",
+                               &states.new, states.remote->name);
                        show_list("  Stale tracking branch%s (use 'git remote "
-                               "prune')", &states.stale);
+                               "prune')", &states.stale, "");
                }
 
                if (no_query)
                        for_each_ref(append_ref_to_tracked_list, &states);
-               show_list("  Tracked remote branch%s", &states.tracked);
+               show_list("  Tracked remote branch%s", &states.tracked, "");
 
                if (states.remote->push_refspec_nr) {
                        printf("  Local branch%s pushed with 'git push'\n   ",
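Review bot: The rewritten show_list calls in show() are not exercised by any test visible on this page, so nothing stops a later refactor from building the title out of `states.remote->name` again. A regression test that adds a remote whose name contains a conversion specifier, as in the commit message's `foo%sbar` example, and checks that `git remote show` prints the name verbatim would pin the fix. If such a test exists in a part of the commit not shown here, this point is moot.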