Skip to content

Commit 3d8a014

Browse files
sambostocksambostock
committed
bundle-uri: validate that bundle entries have a uri
When a bundle list config file has a typo like 'url' instead of 'uri', or simply omits the uri field, the bundle entry is created but bundle->uri remains NULL. This causes a segfault when copy_uri_to_file() passes the NULL to starts_with(). Signed-off-by: Sam Bostock <[email protected]>
1 parent c4a0c88 commit 3d8a014

File tree

2 files changed

+47
-1
lines changed

2 files changed

+47
-1
lines changed

bundle-uri.c

Lines changed: 21 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,8 @@ static int summarize_bundle(struct remote_bundle_info *info, void *data)
8989
{
9090
FILE *fp = data;
9191
fprintf(fp, "[bundle \"%s\"]\n", info->id);
92-
fprintf(fp, "\turi = %s\n", info->uri);
92+
if (info->uri)
93+
fprintf(fp, "\turi = %s\n", info->uri);
9394

9495
if (info->creationToken)
9596
fprintf(fp, "\tcreationToken = %"PRIu64"\n", info->creationToken);
@@ -267,6 +268,19 @@ int bundle_uri_parse_config_format(const char *uri,
267268
result = 1;
268269
}
269270

271+
if (!result) {
272+
struct hashmap_iter iter;
273+
struct remote_bundle_info *bundle;
274+
275+
hashmap_for_each_entry(&list->bundles, &iter, bundle, ent) {
276+
if (!bundle->uri) {
277+
error(_("bundle list at '%s': bundle '%s' has no uri"),
278+
uri, bundle->id ? bundle->id : "<unknown>");
279+
result = 1;
280+
}
281+
}
282+
}
283+
270284
return result;
271285
}
272286

@@ -751,6 +765,12 @@ static int fetch_bundle_uri_internal(struct repository *r,
751765
return -1;
752766
}
753767

768+
if (!bundle->uri) {
769+
error(_("bundle '%s' has no uri"),
770+
bundle->id ? bundle->id : "<unknown>");
771+
return -1;
772+
}
773+
754774
if (!bundle->file &&
755775
!(bundle->file = find_temp_filename())) {
756776
result = -1;

t/t5750-bundle-uri-parse.sh

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -286,4 +286,30 @@ test_expect_success 'parse config format edge cases: creationToken heuristic' '
286286
grep "could not parse bundle list key creationToken with value '\''bogus'\''" err
287287
'
288288

289+
test_expect_success 'parse config format: bundle with missing uri' '
290+
cat >input <<-\EOF &&
291+
[bundle]
292+
version = 1
293+
mode = all
294+
[bundle "missing-uri"]
295+
creationToken = 1
296+
EOF
297+
298+
test_must_fail test-tool bundle-uri parse-config input 2>err &&
299+
grep "bundle '\''missing-uri'\'' has no uri" err
300+
'
301+
302+
test_expect_success 'parse config format: bundle with url instead of uri' '
303+
cat >input <<-\EOF &&
304+
[bundle]
305+
version = 1
306+
mode = all
307+
[bundle "typo"]
308+
url = https://example.com/bundle.bdl
309+
EOF
310+
311+
test_must_fail test-tool bundle-uri parse-config input 2>err &&
312+
grep "bundle '\''typo'\'' has no uri" err
313+
'
314+
289315
test_done

0 commit comments

Comments
 (0)