From 6e8e67f3071ecdc139f6a77f90afee50b5ec1664 Mon Sep 17 00:00:00 2001 From: Julian Phillips Date: Sat, 16 Jul 2011 19:23:51 +0100 Subject: [PATCH] remote-curl: Add a format check to parsing of info/refs When parsing info/refs, no checks were applied that the file was in the requried format. Since the file is read from a remote webserver, this isn't guarenteed to be true. Add a check that the file at least only contains lines that consist of 40 characters followed by a tab and then the ref name. Signed-off-by: Julian Phillips Signed-off-by: Junio C Hamano --- remote-curl.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/remote-curl.c b/remote-curl.c index b5be25ce9..8ac502834 100644 --- a/remote-curl.c +++ b/remote-curl.c @@ -227,6 +227,8 @@ static struct ref *parse_info_refs(struct discovery *heads) if (data[i] == '\t') mid = &data[i]; if (data[i] == '\n') { + if (mid - start != 40) + die("%sinfo/refs not valid: is this a git repository?", url); data[i] = 0; ref_name = mid + 1; ref = xmalloc(sizeof(struct ref) + -- 2.30.2