BasePackConnection: Check for expected length of ref advertisement - jgit.git - JGit, the Java implementation of git: https://github.com/eclipse-jgit/jgit

diff options

author	David Pursehouse <david.pursehouse@gmail.com>	2018-12-18 19:53:26 +0900
committer	David Pursehouse <david.pursehouse@gmail.com>	2018-12-20 11:41:02 +0900
commit	f4fc6404baac5a6a5db34f71e62fb62fd8f1b8ef (patch)
tree	5fd72ba429af2477a1e7bbe3c52295ad32c3ed3b /org.eclipse.jgit.http.test/tst/org/eclipse/jgit
parent	2269669fb11224da272aebe2f02393388c62a0fd (diff)
download	jgit-f4fc6404baac5a6a5db34f71e62fb62fd8f1b8ef.tar.gz jgit-f4fc6404baac5a6a5db34f71e62fb62fd8f1b8ef.zip

BasePackConnection: Check for expected length of ref advertisement

When a server sends a ref advertisement using protocol v2 it contains lines other than ref names and sha1s. Attempting to get the sha1 out of such a line using the substring method can result in a SIOOB error when it doesn't actually contain the sha1 and ref name. Add a check that the line is of the expected length, and subsequently that the extracted object id is valid, and if not throw an exception. Change-Id: Id92fe66ff8b6deb2cf987d81929f8d0602c399f4 Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>

Diffstat (limited to 'org.eclipse.jgit.http.test/tst/org/eclipse/jgit')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: