Re: [PATCH] Avoid segfault when passed malformed refspec

Sean <seanlkml@xxxxxxxxxxxx> writes:

> A refspec typo can cause a Null-pointer dereference and segmentation
> fault.  For instance, the space before the colon in the following
> example results in a segfault:
>
>    $ git fetch ../repo  refs/heads/* :refs/heads/*
>    Segmentation fault (core dumped)
>
> To avoid the segfault, set an empty refspec destination string
> if one isn't found by parsing.
>
> Signed-off-by: Sean Estabrooks <seanlkml@xxxxxxxxxxxx>
> ---
>  remote.c |    2 ++
>  1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/remote.c b/remote.c
> index 0e00680..414c73a 100644
> --- a/remote.c
> +++ b/remote.c
> @@ -336,6 +336,8 @@ struct refspec *parse_ref_spec(int nr_refspec, const char **refspec)
>  			ep = gp;
>  		}
>  		rs[i].src = xstrndup(sp, ep - sp);
> +		if (!rs[i].dst)
> +			rs[i].dst = xstrdup("");
>  	}
>  	return rs;
>  }
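
Review bot: The `if (!rs[i].dst)` fallback added after `rs[i].src = xstrndup(sp, ep - sp);` silently replaces a missing destination with an empty string, so the mistyped refspec from the commit message is accepted with no indication to the user that it was reinterpreted. Consider rejecting the input at this point with an error that names the offending refspec. If the empty-string default is kept, it needs a comment saying what an empty `dst` means to callers. The dereference that crashes is not in this hunk, so it cannot be confirmed from here that every consumer of `rs[i].dst` handles "" sensibly. A test using the `refs/heads/* :refs/heads/*` case from the commit message would pin the intended behaviour.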

I haven't followed the codepath carefully before responding, but it
feels like sweeping the breakage under the carpet, without
fixing the real issue.

If the problem is a badly formatted input, shouldn't the code
die loudly with a diagnostic message, instead of pretending as if
the user said something different (and sensible), especially
without telling the user that that is what the code is doing?






