mirror of https://github.com/git/git.git (synced 2024-10-30 13:57:54 +01:00)
fetch-pack: check for valid commit from server
A malicious server can return ACK with non-existent SHA-1 or not a commit. lookup_commit() in this case may return NULL. Do not let fetch-pack crash by accessing NULL address in this case.

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
parent a47a645e70
commit ec099546a9
1 changed files with 2 additions and 0 deletions
|
@ -395,6 +395,8 @@ static int find_common(int fd[2], unsigned char *result_sha1,
|
|||
case ACK_continue: {
|
||||
struct commit *commit =
|
||||
lookup_commit(result_sha1);
|
||||
if (!commit)
|
||||
die("invalid commit %s", sha1_to_hex(result_sha1));
|
||||
if (args.stateless_rpc
|
||||
&& ack == ACK_common
|
||||
&& !(commit->object.flags & COMMON)) {
|
||||
|
|
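Review bot: The new `die("invalid commit %s", sha1_to_hex(result_sha1))` in the `ACK_continue` case does not say that the bad object ID came from the remote's ACK, so a user who hits it cannot tell a misbehaving server from local repository damage. Consider wording along the lines of "remote sent invalid commit %s in ACK" so the message points at the server response that `find_common()` was parsing. The change also touches one file with two added lines and no test; a case in which the server ACKs an ID that `lookup_commit()` rejects would keep the NULL dereference at `commit->object.flags` from coming back.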