authorJunio C Hamano <gitster@pobox.com>2019-06-21 11:24:12 -0700
committerJunio C Hamano <gitster@pobox.com>2019-06-21 11:24:12 -0700
commitf9089e8491fdf50d941f071552872e7cca0e2e04 (patch)
treeab8824d37b8f1d178f41ee5f6aa142aef0bef09c
parente694ea5e04ea2cabc64ade337063b5562810b268 (diff)
parentd37dc239a427a367427f9c4fdf12a148ad811968 (diff)
downloadgit-f9089e8491fdf50d941f071552872e7cca0e2e04.tar.xz
Merge branch 'md/url-parse-harden'
The URL decoding code has been updated to avoid going past the end of the string while parsing a %-<hex>-<hex> sequence.

* md/url-parse-harden:
  url: do not allow %00 to represent NUL in URLs
  url: do not read past end of buffer
-rw-r--r--url.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/url.c b/url.c
index 25576c390b..1b8ef78cea 100644
--- a/url.c
+++ b/url.c
@@ -46,9 +46,9 @@ static char *url_decode_internal(const char **query, int len,
break;
}
- if (c == '%') {
+ if (c == '%' && (len < 0 || len >= 3)) {
int val = hex2chr(q + 1);
- if (0 <= val) {
+ if (0 < val) {
strbuf_addch(out, val);
q += 3;
len -= 3;