summaryrefslogtreecommitdiff
path: root/refs
diff options
context:
space:
mode:
authorMichael Haggerty <mhagger@alum.mit.edu>2017-07-01 20:31:08 +0200
committerJunio C Hamano <gitster@pobox.com>2017-07-03 10:01:57 -0700
commit9308b7f3ca9bbe7e76b16c832617a8c6aea5ade3 (patch)
tree600c37ecabfa3871dafdb87914f23e89184b0f78 /refs
parent02a1a42056bd2e34f872d61e2ec7aa00dd43422b (diff)
downloadgit-9308b7f3ca9bbe7e76b16c832617a8c6aea5ade3.tar.gz
read_packed_refs(): die if `packed-refs` contains bogus data
The old code ignored any lines that it didn't understand, including unterminated lines. This is dangerous. Instead, `die()` if the `packed-refs` file contains any unterminated lines or lines that we don't know how to handle. This fixes the tests added in the last commit. Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'refs')
-rw-r--r--refs/packed-backend.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/refs/packed-backend.c b/refs/packed-backend.c
index 377c775adb..a28befbfa3 100644
--- a/refs/packed-backend.c
+++ b/refs/packed-backend.c
@@ -229,6 +229,9 @@ static struct packed_ref_cache *read_packed_refs(const char *packed_refs_file)
const char *refname;
const char *traits;
+ if (!line.len || line.buf[line.len - 1] != '\n')
+ die("unterminated line in %s: %s", packed_refs_file, line.buf);
+
if (skip_prefix(line.buf, "# pack-refs with:", &traits)) {
if (strstr(traits, " fully-peeled "))
peeled = PEELED_FULLY;
@@ -253,9 +256,7 @@ static struct packed_ref_cache *read_packed_refs(const char *packed_refs_file)
(peeled == PEELED_TAGS && starts_with(refname, "refs/tags/")))
last->flag |= REF_KNOWS_PEELED;
add_ref_entry(dir, last);
- continue;
- }
- if (last &&
+ } else if (last &&
line.buf[0] == '^' &&
line.len == PEELED_LINE_LENGTH &&
line.buf[PEELED_LINE_LENGTH - 1] == '\n' &&
@@ -267,6 +268,9 @@ static struct packed_ref_cache *read_packed_refs(const char *packed_refs_file)
* reference:
*/
last->flag |= REF_KNOWS_PEELED;
+ } else {
+ strbuf_setlen(&line, line.len - 1);
+ die("unexpected line in %s: %s", packed_refs_file, line.buf);
}
}