opensourcemirror
/
git
mirror of https://github.com/git/git.git
1
0
Fork 0
Code Issues Releases Wiki Activity

url: do not allow %00 to represent NUL in URLs 

There is no reason to allow %00 to terminate a string, so do not allow it.
Otherwise, we end up returning arbitrary content in the string (that which is
after the %00) which is effectively hidden from callers and can escape sanity
checks and validation, and possible be used in tandem with a security
vulnerability to introduce a payload.

Helped-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Matthew DeVore <matvore@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Matthew DeVore 2019-06-04 10:57:05 -07:00 committed by Junio C Hamano
parent 3f6b8a6177
commit d37dc239a4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
url.c
View File

@ -48,7 +48,7 @@ static char *url_decode_internal(const char **query, int len,
if (c == '%' && (len < 0 || len >= 3)) {
int val = hex2chr(q + 1);
if (0 <= val) {
if (0 < val) {
strbuf_addch(out, val);
q += 3;
len -= 3;