summaryrefslogtreecommitdiff
path: root/serve.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2021-09-15 14:35:29 -0400
committerJunio C Hamano <gitster@pobox.com>2021-09-15 12:25:19 -0700
commitf0a35c9ce52ade69311ab3b8cb111e145eb7b875 (patch)
tree30cf2a411084e1d88d60d3aa9fcd55b10ae4b36b /serve.c
parentab539c9094e3e3691f157830f74406042d55f774 (diff)
downloadgit-f0a35c9ce52ade69311ab3b8cb111e145eb7b875.tar.gz
serve: drop "keys" strvec
We collect the set of capabilities the client sends us in a strvec. While this is usually small, there's no limit to the number of capabilities the client can send us (e.g., they could just send us "agent" pkt-lines over and over, and we'd keep adding them to the list). Since all code has been converted away from using this list, let's get rid of it. This avoids a potential attack where clients waste our memory. Note that we do have to replace it with a flag, because some of the flush-packet logic checks whether we've seen any valid commands or keys. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'serve.c')
-rw-r--r--serve.c8
1 files changed, 3 insertions, 5 deletions
diff --git a/serve.c b/serve.c
index 6bbf54cbbe..1a7c8a118f 100644
--- a/serve.c
+++ b/serve.c
@@ -239,7 +239,7 @@ static int process_request(void)
{
enum request_state state = PROCESS_REQUEST_KEYS;
struct packet_reader reader;
- struct strvec keys = STRVEC_INIT;
+ int seen_capability_or_command = 0;
struct protocol_capability *command = NULL;
packet_reader_init(&reader, 0, NULL, 0,
@@ -260,10 +260,9 @@ static int process_request(void)
case PACKET_READ_EOF:
BUG("Should have already died when seeing EOF");
case PACKET_READ_NORMAL:
- /* collect request; a sequence of keys and values */
if (parse_command(reader.line, &command) ||
receive_client_capability(reader.line))
- strvec_push(&keys, reader.line);
+ seen_capability_or_command = 1;
else
die("unknown capability '%s'", reader.line);
@@ -275,7 +274,7 @@ static int process_request(void)
* If no command and no keys were given then the client
* wanted to terminate the connection.
*/
- if (!keys.nr)
+ if (!seen_capability_or_command)
return 1;
/*
@@ -309,7 +308,6 @@ static int process_request(void)
command->command(the_repository, &reader);
- strvec_clear(&keys);
return 0;
}