remote-curl: Add a format check to parsing of info/refs

When parsing info/refs, no checks were applied that the file was in the requried format. Since the file is read from a remote webserver, this isn't guarenteed to be true. Add a check that the file at least only contains lines that consist of 40 characters followed by a tab and then the ref name. Signed-off-by: Julian Phillips <julian@quantumfyre.co.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Julian Phillips <julian@quantumfyre.co.uk> 2011-07-16 18:23:51 (GMT)
committer: Junio C Hamano <gitster@pobox.com> 2011-07-20 22:51:55 (GMT)
commit: 6e8e67f3071ecdc139f6a77f90afee50b5ec1664 (patch)
tree: 51b14758f0731a26b60bc43e7092297e06a11587 /remote-curl.c
parent: 8b5900751a5f19257dc9570dd195aaac46528599 (diff)
download: git-6e8e67f3071ecdc139f6a77f90afee50b5ec1664.zip
git-6e8e67f3071ecdc139f6a77f90afee50b5ec1664.tar.gz
git-6e8e67f3071ecdc139f6a77f90afee50b5ec1664.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/remote-curl.c b/remote-curl.c
index b5be25c..8ac5028 100644
--- a/remote-curl.c
+++ b/remote-curl.c
@@ -227,6 +227,8 @@ static struct ref *parse_info_refs(struct discovery *heads)
 		if (data[i] == '\t')
 			mid = &data[i];
 		if (data[i] == '\n') {
+			if (mid - start != 40)
+				die("%sinfo/refs not valid: is this a git repository?", url);
 			data[i] = 0;
 			ref_name = mid + 1;
 			ref = xmalloc(sizeof(struct ref) +
author	Julian Phillips <julian@quantumfyre.co.uk>	2011-07-16 18:23:51 (GMT)
committer	Junio C Hamano <gitster@pobox.com>	2011-07-20 22:51:55 (GMT)
commit	6e8e67f3071ecdc139f6a77f90afee50b5ec1664 (patch)
tree	51b14758f0731a26b60bc43e7092297e06a11587 /remote-curl.c
parent	8b5900751a5f19257dc9570dd195aaac46528599 (diff)
download	git-6e8e67f3071ecdc139f6a77f90afee50b5ec1664.zip git-6e8e67f3071ecdc139f6a77f90afee50b5ec1664.tar.gz git-6e8e67f3071ecdc139f6a77f90afee50b5ec1664.tar.bz2