From 79e913c24aa37d0ede9ed9e8962a19634ae5129a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Scharfe?= Date: Sat, 6 May 2017 19:13:52 +0200 Subject: checkout: check return value of resolve_refdup before using hash If resolve_refdup() fails it returns NULL and possibly leaves its hash output parameter untouched. Make sure to use it only if the function succeeded, in order to avoid accessing uninitialized memory. Found with t/t2011-checkout-invalid-head.sh --valgrind. Signed-off-by: Rene Scharfe Signed-off-by: Junio C Hamano --- builtin/checkout.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/builtin/checkout.c b/builtin/checkout.c index 81f07c3ef2..5744499098 100644 --- a/builtin/checkout.c +++ b/builtin/checkout.c @@ -814,7 +814,8 @@ static int switch_branches(const struct checkout_opts *opts, int flag, writeout_error = 0; memset(&old, 0, sizeof(old)); old.path = path_to_free = resolve_refdup("HEAD", 0, rev.hash, &flag); - old.commit = lookup_commit_reference_gently(rev.hash, 1); + if (old.path) + old.commit = lookup_commit_reference_gently(rev.hash, 1); if (!(flag & REF_ISSYMREF)) old.path = NULL; -- cgit v1.2.1