BasePackConnection: Check for expected length of ref advertisement
When a server sends a ref advertisement using protocol v2 it contains lines other than ref names and sha1s. Attempting to get the sha1 out of such a line using the substring method can result in a StringIndexOutOfBoundsException (SIOOB) when it doesn't actually contain the sha1 and ref name. Add a check that the line is of the expected length, and subsequently that the extracted object id is valid, and if not throw an exception. Change-Id: Id92fe66ff8b6deb2cf987d81929f8d0602c399f4 Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
parent
2269669fb1
commit
f4fc6404ba
|
@ -390,6 +390,7 @@ invalidPathPeriodAtEndWindows=Invalid path (period at end is ignored by Windows)
|
|||
invalidPathSpaceAtEndWindows=Invalid path (space at end is ignored by Windows): {0}
|
||||
invalidPathReservedOnWindows=Invalid path (''{0}'' is reserved on Windows): {1}
|
||||
invalidRedirectLocation=Invalid redirect location {0} -> {1}
|
||||
invalidRefAdvertisementLine=Invalid ref advertisement line: ''{1}''
|
||||
invalidReflogRevision=Invalid reflog revision: {0}
|
||||
invalidRefName=Invalid ref name: {0}
|
||||
invalidReftableBlock=Invalid reftable block
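Review bot: The new `invalidRefAdvertisementLine` entry uses the placeholder `{1}`, but the only caller visible on this page, the `invalidRefAdvertisementLine(String line)` helper added in the BasePackConnection hunk, passes a single argument to `MessageFormat.format`, which is index 0. `MessageFormat` emits an unmatched element as literal text, so the exception would read `Invalid ref advertisement line: '{1}'`. The offending line, which is the evidence needed to diagnose a malformed or hostile server response, is then lost. The entry should be `invalidRefAdvertisementLine=Invalid ref advertisement line: ''{0}''`.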
|
||||
|
|
|
@ -451,6 +451,7 @@ public static JGitText get() {
|
|||
/***/ public String invalidPathSpaceAtEndWindows;
|
||||
/***/ public String invalidPathReservedOnWindows;
|
||||
/***/ public String invalidRedirectLocation;
|
||||
/***/ public String invalidRefAdvertisementLine;
|
||||
/***/ public String invalidReflogRevision;
|
||||
/***/ public String invalidRefName;
|
||||
/***/ public String invalidReftableBlock;
|
||||
|
|
|
@ -57,6 +57,7 @@
|
|||
import java.util.LinkedHashMap;
|
||||
import java.util.Set;
|
||||
|
||||
import org.eclipse.jgit.errors.InvalidObjectIdException;
|
||||
import org.eclipse.jgit.errors.NoRemoteRepositoryException;
|
||||
import org.eclipse.jgit.errors.PackProtocolException;
|
||||
import org.eclipse.jgit.errors.RemoteRepositoryException;
|
||||
|
@ -222,6 +223,10 @@ private void readAdvertisedRefsImpl() throws IOException {
|
|||
}
|
||||
}
|
||||
|
||||
// Expecting to get a line in the form "sha1 refname"
|
||||
if (line.length() < 41 || line.charAt(40) != ' ') {
|
||||
throw invalidRefAdvertisementLine(line);
|
||||
}
|
||||
String name = line.substring(41, line.length());
|
||||
if (avail.isEmpty() && name.equals("capabilities^{}")) { //$NON-NLS-1$
|
||||
// special line from git-receive-pack to show
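Review bot: The guard `line.length() < 41 || line.charAt(40) != ' '` still accepts a line of exactly 41 characters (40 hex digits plus the space), for which `line.substring(41, line.length())` yields an empty ref name. The rest of the loop lies outside this hunk, so whether an empty name is rejected later cannot be confirmed from here. Since the line is supplied by the remote server, rejecting it at this point is the safer choice: `if (line.length() < 42 || line.charAt(40) != ' ') {`. The literals 40 and 41 would also read better expressed through `Constants.OBJECT_ID_STRING_LENGTH`, which ties the check to the object-id format instead of a magic number.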
|
||||
|
@ -229,7 +234,12 @@ private void readAdvertisedRefsImpl() throws IOException {
|
|||
continue;
|
||||
}
|
||||
|
||||
final ObjectId id = ObjectId.fromString(line.substring(0, 40));
|
||||
final ObjectId id;
|
||||
try {
|
||||
id = ObjectId.fromString(line.substring(0, 40));
|
||||
} catch (InvalidObjectIdException e) {
|
||||
throw invalidRefAdvertisementLine(line);
|
||||
}
|
||||
if (name.equals(".have")) { //$NON-NLS-1$
|
||||
additionalHaves.add(id);
|
||||
} else if (name.endsWith("^{}")) { //$NON-NLS-1$
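Review bot: The `catch (InvalidObjectIdException e)` block discards `e`, so the `PackProtocolException` that replaces it carries no cause and the trace no longer shows that the failure came from parsing the object id. Attaching the original keeps the diagnostic chain intact: `PackProtocolException ppe = invalidRefAdvertisementLine(line);` `ppe.initCause(e);` `throw ppe;`. `readAdvertisedRefsImpl` starts and ends outside this hunk.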
|
||||
|
@ -318,6 +328,10 @@ private PackProtocolException duplicateAdvertisement(String name) {
|
|||
return new PackProtocolException(uri, MessageFormat.format(JGitText.get().duplicateAdvertisementsOf, name));
|
||||
}
|
||||
|
||||
private PackProtocolException invalidRefAdvertisementLine(String line) {
|
||||
return new PackProtocolException(uri, MessageFormat.format(JGitText.get().invalidRefAdvertisementLine, line));
|
||||
}
|
||||
|
||||
/** {@inheritDoc} */
|
||||
@Override
|
||||
public void close() {
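Review bot: `invalidRefAdvertisementLine` places the raw advertisement line, which is supplied by the remote server, into the exception message without bounding or escaping it. That message is likely to end up in logs or on a terminal, so control characters or a very long line from a misbehaving server would be reproduced there. Consider truncating the line to a fixed length and replacing non-printable characters before it is formatted. A short comment on the helper stating that `line` is untrusted input would make that expectation explicit for later callers.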
|
||||
|
|