From dfc2dcd9acf95794788f9471028485c2d2cc78ef Mon Sep 17 00:00:00 2001 From: Tay Ray Chuan Date: Thu, 25 Nov 2010 16:21:08 +0800 Subject: [PATCH] http-push: check path length before using it We use path_len to skip the base url/path, but we do not know for sure if path does indeed contain the base url/path. Check if this is so. Helped-by: Johnathan Nieder Signed-off-by: Tay Ray Chuan Signed-off-by: Junio C Hamano --- http-push.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/http-push.c b/http-push.c index 565e580d5..bfa1fe7c0 100644 --- a/http-push.c +++ b/http-push.c @@ -1116,8 +1116,16 @@ static void handle_remote_ls_ctx(struct xml_ctx *ctx, int tag_closed) } } if (path) { - path += repo->path_len; - ls->dentry_name = xstrdup(path); + const char *url = repo->url; + if (repo->path) + url = repo->path; + if (strncmp(path, url, repo->path_len)) + error("Parsed path '%s' does not match url: '%s'\n", + path, url); + else { + path += repo->path_len; + ls->dentry_name = xstrdup(path); + } } } else if (!strcmp(ctx->name, DAV_PROPFIND_COLLECTION)) { ls->dentry_flags |= IS_DIR; -- 2.26.2