We saw an upload-pack segfault in the wild today at GitHub. It's caused by a client sending bogus v2 protocol lines (a "delim" packet instead of a "flush"). So the client is broken and our only option is to break the network connection, but we shouldn't segfault while doing so. :) I don't think the broken client was Git. It didn't send an "agent" capability at all, which makes me suspect it was somebody generating the request manually (nor was there anything interesting in the transport layer agent; it was just an openssh client). The fix was simple enough, and is in the second patch. The first one is just a small cleanup / refactor in preparation. [1/2]: test-lib-functions: make packetize() more efficient [2/2]: upload-pack: handle unexpected delim packets ls-refs.c | 5 +++- t/t5562-http-backend-content-length.sh | 19 +++++++++------ t/t5704-protocol-violations.sh | 33 ++++++++++++++++++++++++++ t/test-lib-functions.sh | 23 ++++++++++++------ upload-pack.c | 5 +++- 5 files changed, 69 insertions(+), 16 deletions(-) create mode 100755 t/t5704-protocol-violations.sh -Peff
