From: Tay Ray Chuan Date: Thu, 25 Nov 2010 08:21:08 +0000 (+0800) Subject: http-push: check path length before using it X-Git-Tag: v1.7.3.4~10^2~2 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=dfc2dcd9acf95794788f9471028485c2d2cc78ef;p=git.git http-push: check path length before using it We use path_len to skip the base url/path, but we do not know for sure if path does indeed contain the base url/path. Check if this is so. Helped-by: Johnathan Nieder Signed-off-by: Tay Ray Chuan Signed-off-by: Junio C Hamano --- diff --git a/http-push.c b/http-push.c index 565e580d5..bfa1fe7c0 100644 --- a/http-push.c +++ b/http-push.c @@ -1116,8 +1116,16 @@ static void handle_remote_ls_ctx(struct xml_ctx *ctx, int tag_closed) } } if (path) { - path += repo->path_len; - ls->dentry_name = xstrdup(path); + const char *url = repo->url; + if (repo->path) + url = repo->path; + if (strncmp(path, url, repo->path_len)) + error("Parsed path '%s' does not match url: '%s'\n", + path, url); + else { + path += repo->path_len; + ls->dentry_name = xstrdup(path); + } } } else if (!strcmp(ctx->name, DAV_PROPFIND_COLLECTION)) { ls->dentry_flags |= IS_DIR;