The resolve_ref_unsafe() function may return NULL even with
a REF_ISSYMREF flag if a symref points to a broken ref. As a
result, it's possible for the decoration code's "is this
branch the current HEAD" check to segfault when it passes
the NULL to starts_with().
This is unlikely in practice, since we can only reach this
code if we already resolved HEAD to a matching sha1 earlier.
But it's possible if HEAD racily becomes broken, or if
there's a transient filesystem error.
We can fix this by returning early in the broken case, since
NULL could not possibly match any of our branch names.
Signed-off-by: Jeff King <peff@xxxxxxxx>
---
log-tree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/log-tree.c b/log-tree.c
index cea056234d..580b3a98a0 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -198,7 +198,7 @@ static const struct name_decoration *current_pointed_by_HEAD(const struct name_d
/* Now resolve and find the matching current branch */
branch_name = resolve_ref_unsafe("HEAD", 0, NULL, &rru_flags);
- if (!(rru_flags & REF_ISSYMREF))
+ if (!branch_name || !(rru_flags & REF_ISSYMREF))
return NULL;
if (!starts_with(branch_name, "refs/"))
--
2.15.0.rc1.560.g5f0609e481
