development/git
development/git
1
0
Fork 0
mirror of https://github.com/git/git synced 2024-07-05 00:58:49 +00:00
Code Issues Projects Releases Wiki Activity

commit-reach: avoid NULL dereference

Browse Source 
The loop at the top of can_all_from_reach_with_flag() already
accounts for `from->objects[i].item' being NULL, so it follows
the cleanup loop should also account for a NULL `from_one'.

I managed to segfault here on one of my giant, many-remote repos
using `git fetch --negotiation-tip=...  --negotiation-only'
where the --negotiation-tip= argument was a glob which (inadvertently)
captured more refs than I wanted.  I have not reproduced this
in a standalone test case.

Signed-off-by: Eric Wong <e@80x24.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Eric Wong 2023-02-11 11:15:26 +00:00 committed by Junio C Hamano
parent 4067a64672
commit c5773dc078
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
commit-reach.c
View File

@ -628,8 +628,12 @@ int can_all_from_reach_with_flag(struct object_array *from,
} }
free(list); free(list);
for (i = 0; i < from->nr; i++) for (i = 0; i < from->nr; i++) {
from->objects[i].item->flags &= ~assign_flag; struct object *from_one = from->objects[i].item;
if (from_one)
from_one->flags &= ~assign_flag;
}
return result; return result;
} }