>From 7679d395856d17d7853eea0fc196435eab9be08f Mon Sep 17 00:00:00 2001
From: Deskin Miller <deskinm@xxxxxxxxx>
Date: Mon, 22 Sep 2008 11:06:41 -0400
Subject: [PATCH] maint: check return of split_cmdline to avoid bad config strings
Signed-off-by: Deskin Miller <deskinm@xxxxxxxxx>
---
As the testcase demonstrates, it's possible to have split_cmdline return -1 and deallocate any memory it's allocated, if the config string is missing an end quote. In both the cases below, the return isn't checked, causing a pretty immediate segfault.
 builtin-merge.c | 2 ++
 git.c | 2 ++
 t/t1300-repo-config.sh | 10 ++++++++++
 3 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/builtin-merge.c b/builtin-merge.c
index b280444..dcaf368 100644
--- a/builtin-merge.c
+++ b/builtin-merge.c
@@ -442,6 +442,8 @@ static int git_merge_config(const char *k, const char *v, void *cb)
 buf = xstrdup(v);
 argc = split_cmdline(buf, &argv);
+ if (argc < 0)
+ die("Bad branch.%s.mergeoptions string", branch);
 argv = xrealloc(argv, sizeof(*argv) * (argc + 2));
 memmove(argv + 1, argv, sizeof(*argv) * (argc + 1));
 argc++;
diff --git a/git.c b/git.c
index fdb0f71..5582c51 100644
--- a/git.c
+++ b/git.c
@@ -162,6 +162,8 @@ static int handle_alias(int *argcp, const char ***argv)
 alias_string + 1, alias_command);
 }
 count = split_cmdline(alias_string, &new_argv);
+ if (count < 0)
+ die("Bad alias.%s string", alias_command);
 option_count = handle_options(&new_argv, &count, &envchanged);
 if (envchanged)
 die("alias '%s' changes environment variables\n"
diff --git a/t/t1300-repo-config.sh b/t/t1300-repo-config.sh
index 64567fb..3794d23 100755
--- a/t/t1300-repo-config.sh
+++ b/t/t1300-repo-config.sh
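Review bot: The new `argc < 0` check in git_merge_config (and the matching `count < 0` check in handle_alias in git.c) depends on a contract that is only stated in the commit message: split_cmdline returns a negative value when the string is missing an end quote and has already released the memory behind argv, so that pointer must not be used afterwards. Without the check the next line in builtin-merge.c passes that pointer to `xrealloc` with a size derived from -1, so this is memory-safety handling of a config value rather than only better error reporting. I would record that at the call site, e.g. `/* split_cmdline() frees argv and returns < 0 on an unterminated quote; argv is invalid here */`, and ideally at split_cmdline's declaration, which is outside this diff. Any other caller of split_cmdline would need the same guard; none is visible here, so that is worth a grep. Both functions start and end outside their hunks.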
@@ -741,4 +741,14 @@ test_expect_success 'symlinked configuration' '
 '
+test_expect_success 'check split_cmdline return' "
+ git config alias.split-cmdline-fix 'echo \"' &&
+ git split-cmdline-fix || test \$? = 128 &&
+ echo foo > foo &&
+ git add foo &&
+ git commit -m 'initial commit' &&
+ git config branch.master.mergeoptions 'echo \"' &&
+ git merge master || test \$? = 128
+ "
+
 test_done
--
1.6.0.2.GIT
--
To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
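Review bot: Both new checks in this test are written as `git ... || test \$? = 128`, which also passes when the command exits 0, so the test cannot catch a regression where the malformed alias or mergeoptions string is silently accepted. It does catch the original crash, because a signal death would not report status 128, but the intent is that the command must die cleanly, and `test_must_fail git split-cmdline-fix &&` and `test_must_fail git merge master` state that directly (keep the explicit status comparison only if 128 specifically matters). The test also leaves `alias.split-cmdline-fix` and the broken `branch.master.mergeoptions` in the repository config; that is harmless while it is the last test before `test_done`, but any test appended later inherits a config in which `git merge` dies.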