mirror/git
1
0
Fork 0
mirror of https://github.com/git/git.git synced 2024-11-18 02:23:52 +01:00
Code

Fix minor DOS in rev-list.

Browse Source 
A carefully crafted pathname can be used to disrupt downstream git-pack-objects
that uses 'git-rev-list --objects' output.  Prevent this.

Signed-off-by: Junio C Hamano <junkio@cox.net>
This commit is contained in:
Junio C Hamano 2005-10-02 17:29:21 -07:00
parent 91dd674e30
commit c807f77194
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
rev-list.c
View File

@ -194,7 +194,17 @@ static void show_commit_list(struct commit_list *list)
die("unknown pending object %s (%s)", sha1_to_hex(obj->sha1), name);
}
while (objects) {
printf("%s %s\n", sha1_to_hex(objects->item->sha1), objects->name);
/* An object with name "foo\n0000000000000000000000000000000000000000"
* can be used confuse downstream git-pack-objects very badly.
*/
const char *ep = strchr(objects->name, '\n');
if (ep) {
printf("%s %.*s\n", sha1_to_hex(objects->item->sha1),
(int) (ep - objects->name),
objects->name);
}
else
printf("%s %s\n", sha1_to_hex(objects->item->sha1), objects->name);
objects = objects->next;
}
}