![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a47a645)
raw | patch | inline | side by side (parent: a47a645)
| author | Nguyễn Thái Ngọc Duy <pclouds@gmail.com> | |
| Thu, 18 Aug 2011 13:36:03 +0000 (20:36 +0700) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Thu, 18 Aug 2011 19:25:54 +0000 (12:25 -0700) |
A malicious server can return ACK with non-existent SHA-1 or not a
commit. lookup_commit() in this case may return NULL. Do not let
fetch-pack crash by accessing NULL address in this case.
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit. lookup_commit() in this case may return NULL. Do not let
fetch-pack crash by accessing NULL address in this case.
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| builtin/fetch-pack.c | patch | blob | history |
diff --git a/builtin/fetch-pack.c b/builtin/fetch-pack.c
index 436798410210b868cfbe439a1603b0a340a32c50..3c871c2da893dc9deb3a36bff03a7032ea038f8a 100644 (file)
--- a/builtin/fetch-pack.c
+++ b/builtin/fetch-pack.c
case ACK_continue: {
struct commit *commit =
lookup_commit(result_sha1);
+ if (!commit)
+ die("invalid commit %s", sha1_to_hex(result_sha1));
if (args.stateless_rpc
&& ack == ACK_common
&& !(commit->object.flags & COMMON)) {