fetch-pack: check for valid commit from server

A malicious server can return ACK with non-existent SHA-1 or not a commit. lookup_commit() in this case may return NULL. Do not let fetch-pack crash by accessing NULL address in this case. Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> 2011-08-18 20:36:03 +0700
committer: Junio C Hamano <gitster@pobox.com> 2011-08-18 12:25:54 -0700
commit: ec099546a9afdb73b6bf39d5d684e6fb207e2a7f (patch)
tree: 4165f093c23fe5ea472eba86ab77ce65ffcf3e6d
parent: checkout-index: remove obsolete comment (diff)
download: tgif-ec099546a9afdb73b6bf39d5d684e6fb207e2a7f.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/builtin/fetch-pack.c b/builtin/fetch-pack.c
index 4367984102..3c871c2da8 100644
--- a/builtin/fetch-pack.c
+++ b/builtin/fetch-pack.c
@@ -395,6 +395,8 @@ static int find_common(int fd[2], unsigned char *result_sha1,
 				case ACK_continue: {
 					struct commit *commit =
 						lookup_commit(result_sha1);
+					if (!commit)
+						die("invalid commit %s", sha1_to_hex(result_sha1));
 					if (args.stateless_rpc
 					 && ack == ACK_common
 					 && !(commit->object.flags & COMMON)) {
author	Nguyễn Thái Ngọc Duy <pclouds@gmail.com>	2011-08-18 20:36:03 +0700
committer	Junio C Hamano <gitster@pobox.com>	2011-08-18 12:25:54 -0700
commit	ec099546a9afdb73b6bf39d5d684e6fb207e2a7f (patch)
tree	4165f093c23fe5ea472eba86ab77ce65ffcf3e6d
parent	checkout-index: remove obsolete comment (diff)
download	tgif-ec099546a9afdb73b6bf39d5d684e6fb207e2a7f.tar.xz