Fix minor DOS in rev-list.

A carefully crafted pathname can be used to disrupt downstream git-pack-objects
that uses 'git-rev-list --objects' output.  Prevent this.

Signed-off-by: Junio C Hamano <junkio@cox.net>

diff --git a/rev-list.c b/rev-list.c
index 523fda07e1eef4b3a1a801abbf94358d06af17fd..5ec9ccb6036bf79276f50fa13bd3cf9398c859f3 100644 (file)
--- a/rev-list.c
+++ b/rev-list.c
@@ -194,7 +194,17 @@ static void show_commit_list(struct commit_list *list)
                die("unknown pending object %s (%s)", sha1_to_hex(obj->sha1), name);
        }
        while (objects) {
-               printf("%s %s\n", sha1_to_hex(objects->item->sha1), objects->name);
+               /* An object with name "foo\n0000000000000000000000000000000000000000"
+                * can be used confuse downstream git-pack-objects very badly.
+                */
+               const char *ep = strchr(objects->name, '\n');
+               if (ep) {
+                       printf("%s %.*s\n", sha1_to_hex(objects->item->sha1),
+                              (int) (ep - objects->name),
+                              objects->name);
+               }
+               else
+                       printf("%s %s\n", sha1_to_hex(objects->item->sha1), objects->name);
                objects = objects->next;
        }
 }