diff options
author | Jeff King <peff@peff.net> | 2009-05-18 19:58:11 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2009-05-20 09:06:19 +0200 |
commit | e64c1b0053f2dc4fc5b434a9806b90318bac9592 (patch) | |
tree | a531a2cb6275af5df03dc003091eeceaf5d8891d /builtin-for-each-ref.c | |
parent | show-branch: Fix die message in parse_reflog_param() (diff) | |
download | git-e64c1b0053f2dc4fc5b434a9806b90318bac9592.tar.xz git-e64c1b0053f2dc4fc5b434a9806b90318bac9592.zip |
for-each-ref: fix segfault in copy_email
You can trigger a segfault in git.git by doing:
git for-each-ref --format='%(taggeremail)' refs/tags/v0.99
The v0.99 tag is special in that it contains no "tagger"
header.
The bug is obvious in copy_email, which carefully checks to
make sure the result of a strchr is non-NULL, but only after
already having used it to perform other work. The fix is to
move the check up.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to '')
-rw-r--r-- | builtin-for-each-ref.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/builtin-for-each-ref.c b/builtin-for-each-ref.c index 91e8f95fd2..d091e04af9 100644 --- a/builtin-for-each-ref.c +++ b/builtin-for-each-ref.c @@ -339,8 +339,11 @@ static const char *copy_name(const char *buf) static const char *copy_email(const char *buf) { const char *email = strchr(buf, '<'); - const char *eoemail = strchr(email, '>'); - if (!email || !eoemail) + const char *eoemail; + if (!email) + return ""; + eoemail = strchr(email, '>'); + if (!eoemail) return ""; return xmemdupz(email, eoemail + 1 - email); } |