diff options
| -rw-r--r-- | src/refs.c | 21 | ||||
| -rw-r--r-- | tests-clar/refs/read.c | 1 | ||||
| -rw-r--r-- | tests-clar/resources/testrepo.git/FETCH_HEAD | 2 |
3 files changed, 21 insertions, 3 deletions
diff --git a/src/refs.c b/src/refs.c index 1d73b2677..9e2311b07 100644 --- a/src/refs.c +++ b/src/refs.c @@ -155,11 +155,26 @@ static int loose_parse_symbolic(git_reference *ref, git_buf *file_content) static int loose_parse_oid(git_oid *oid, git_buf *file_content) { - /* File format: 40 chars (OID) */ - if (git_buf_len(file_content) == GIT_OID_HEXSZ && - git_oid_fromstr(oid, git_buf_cstr(file_content)) == 0) + size_t len; + const char *str; + + len = git_buf_len(file_content); + if (len < GIT_OID_HEXSZ) + goto corrupted; + + /* str is guranteed to be zero-terminated */ + str = git_buf_cstr(file_content); + + /* If the file is longer than 40 chars, the 41st must be a space */ + if (git_oid_fromstr(oid, git_buf_cstr(file_content)) < 0) + goto corrupted; + + /* If the file is longer than 40 chars, the 41st must be a space */ + str += GIT_OID_HEXSZ; + if (*str == '\0' || git__isspace(*str)) return 0; +corrupted: giterr_set(GITERR_REFERENCE, "Corrupted loose reference file"); return -1; } diff --git a/tests-clar/refs/read.c b/tests-clar/refs/read.c index 6ab6bf586..fc2d6b902 100644 --- a/tests-clar/refs/read.c +++ b/tests-clar/refs/read.c @@ -212,6 +212,7 @@ void test_refs_read__trailing(void) cl_git_pass(git_reference_lookup(&test, g_repo, "refs/heads/test")); cl_git_pass(git_reference_lookup(&trailing, g_repo, "refs/heads/trailing")); cl_git_pass(git_oid_cmp(git_reference_oid(test), git_reference_oid(trailing))); + cl_git_pass(git_reference_lookup(&trailing, g_repo, "FETCH_HEAD")); git_reference_free(test); git_reference_free(trailing); diff --git a/tests-clar/resources/testrepo.git/FETCH_HEAD b/tests-clar/resources/testrepo.git/FETCH_HEAD new file mode 100644 index 000000000..48446265c --- /dev/null +++ b/tests-clar/resources/testrepo.git/FETCH_HEAD @@ -0,0 +1,2 @@ +a65fedf39aefe402d3bb6e24df4d4f5fe4547750 branch 'master' of git://example.com/git/testrepo.git +258f0e2a959a364e40ed6603d5d44fbb24765b10 not-for-merge branch 'haacked' of git://example.com/git/testrepo.git |