Code

http-push: fix xml_entities() string parsing overrun
authorHunter, D. Seth <hunter@ll.mit.edu>
Wed, 1 Jul 2009 00:24:47 +0000 (20:24 -0400)
committerJunio C Hamano <gitster@pobox.com>
Mon, 6 Jul 2009 16:36:08 +0000 (09:36 -0700)
xml_entities() in http-push.c did not properly stop at the end of the
string being examined, which would occasionally cause nonsense to be
appended to escaped URL strings and result in failed DAV XML queries

Signed-off-by: Seth Hunter <hunter@ll.mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
http-push.c

index 8cc8ee0dfd5c047b2523f63346bf9b30094c1386..00e83dcec1d973b069d4c75105aed96634b00994 100644 (file)
@@ -193,6 +193,8 @@ static char *xml_entities(char *s)
                case '&':
                        strbuf_addstr(&buf, "&amp;");
                        break;
+               case 0:
+                       return strbuf_detach(&buf, NULL);
                }
                s++;
        }