diff options
| author | Deskin Miller <deskinm@umich.edu> | 2008-09-22 15:06:41 (GMT) |
|---|---|---|
| committer | Shawn O. Pearce <spearce@spearce.org> | 2008-09-24 15:58:14 (GMT) |
| commit | dc4179f9a76473176eb473f6f568b0006c823fba (patch) | |
| tree | 92f5313234d45db2628fb56d37c5e6171a46b09b /builtin-merge.c | |
| parent | db87e3960c5a770db13c9ba9602b5e88848e2d1a (diff) | |
| download | git-dc4179f9a76473176eb473f6f568b0006c823fba.zip git-dc4179f9a76473176eb473f6f568b0006c823fba.tar.gz git-dc4179f9a76473176eb473f6f568b0006c823fba.tar.bz2 | |
maint: check return of split_cmdline to avoid bad config strings
As the testcase demonstrates, it's possible for split_cmdline to return -1 and
deallocate any memory it's allocated, if the config string is missing an end
quote. In both the cases below, which are the only calling sites, the return
isn't checked, and using the pointer causes a pretty immediate segfault.
Signed-off-by: Deskin Miller <deskinm@umich.edu>
Acked-by: Miklos Vajna <vmiklos@frugalware.org>
Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
Diffstat (limited to 'builtin-merge.c')
| -rw-r--r-- | builtin-merge.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/builtin-merge.c b/builtin-merge.c index b280444..dcaf368 100644 --- a/builtin-merge.c +++ b/builtin-merge.c @@ -442,6 +442,8 @@ static int git_merge_config(const char *k, const char *v, void *cb) buf = xstrdup(v); argc = split_cmdline(buf, &argv); + if (argc < 0) + die("Bad branch.%s.mergeoptions string", branch); argv = xrealloc(argv, sizeof(*argv) * (argc + 2)); memmove(argv + 1, argv, sizeof(*argv) * (argc + 1)); argc++; |