http-push: check path length before using it

We use path_len to skip the base url/path, but we do not know for sure if path does indeed contain the base url/path. Check if this is so. Helped-by: Johnathan Nieder <jrnieder@gmail.com> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-mirror · Nov 26, 2010 · dfc2dcd · dfc2dcd
1 parent 0fdadc5
commit dfc2dcd
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/http-push.c b/http-push.c
@@ -1116,8 +1116,16 @@ static void handle_remote_ls_ctx(struct xml_ctx *ctx, int tag_closed)
 				}
 			}
 			if (path) {
-				path += repo->path_len;
-				ls->dentry_name = xstrdup(path);
+				const char *url = repo->url;
+				if (repo->path)
+					url = repo->path;
+				if (strncmp(path, url, repo->path_len))
+					error("Parsed path '%s' does not match url: '%s'\n",
+					      path, url);
+				else {
+					path += repo->path_len;
+					ls->dentry_name = xstrdup(path);
+				}
 			}
 		} else if (!strcmp(ctx->name, DAV_PROPFIND_COLLECTION)) {
 			ls->dentry_flags |= IS_DIR;