Skip to content

Commit fb66352

Browse files
sambostocksambostock
committed
bundle-uri: validate that bundle entries have a uri
When a bundle list config file has a typo like 'url' instead of 'uri', or simply omits the uri field, the bundle entry is created but bundle->uri remains NULL. This causes a segfault when copy_uri_to_file() passes the NULL to starts_with(). Signed-off-by: Sam Bostock <[email protected]>
1 parent c4a0c88 commit fb66352

File tree

2 files changed

+49
-1
lines changed

2 files changed

+49
-1
lines changed

bundle-uri.c

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,10 @@ static int summarize_bundle(struct remote_bundle_info *info, void *data)
8989
{
9090
FILE *fp = data;
9191
fprintf(fp, "[bundle \"%s\"]\n", info->id);
92-
fprintf(fp, "\turi = %s\n", info->uri);
92+
if (info->uri)
93+
fprintf(fp, "\turi = %s\n", info->uri);
94+
else
95+
fprintf(fp, "\t# uri = (missing)\n");
9396

9497
if (info->creationToken)
9598
fprintf(fp, "\tcreationToken = %"PRIu64"\n", info->creationToken);
@@ -267,6 +270,19 @@ int bundle_uri_parse_config_format(const char *uri,
267270
result = 1;
268271
}
269272

273+
if (!result) {
274+
struct hashmap_iter iter;
275+
struct remote_bundle_info *bundle;
276+
277+
hashmap_for_each_entry(&list->bundles, &iter, bundle, ent) {
278+
if (!bundle->uri) {
279+
error(_("bundle list at '%s': bundle '%s' has no uri"),
280+
uri, bundle->id ? bundle->id : "<unknown>");
281+
result = 1;
282+
}
283+
}
284+
}
285+
270286
return result;
271287
}
272288

@@ -751,6 +767,12 @@ static int fetch_bundle_uri_internal(struct repository *r,
751767
return -1;
752768
}
753769

770+
if (!bundle->uri) {
771+
error(_("bundle '%s' has no uri"),
772+
bundle->id ? bundle->id : "<unknown>");
773+
return -1;
774+
}
775+
754776
if (!bundle->file &&
755777
!(bundle->file = find_temp_filename())) {
756778
result = -1;

t/t5750-bundle-uri-parse.sh

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -286,4 +286,30 @@ test_expect_success 'parse config format edge cases: creationToken heuristic' '
286286
grep "could not parse bundle list key creationToken with value '\''bogus'\''" err
287287
'
288288

289+
test_expect_success 'parse config format: bundle with missing uri' '
290+
cat >input <<-\EOF &&
291+
[bundle]
292+
version = 1
293+
mode = all
294+
[bundle "missing-uri"]
295+
creationToken = 1
296+
EOF
297+
298+
test_must_fail test-tool bundle-uri parse-config input 2>err &&
299+
grep "bundle '\''missing-uri'\'' has no uri" err
300+
'
301+
302+
test_expect_success 'parse config format: bundle with url instead of uri' '
303+
cat >input <<-\EOF &&
304+
[bundle]
305+
version = 1
306+
mode = all
307+
[bundle "typo"]
308+
url = https://example.com/bundle.bdl
309+
EOF
310+
311+
test_must_fail test-tool bundle-uri parse-config input 2>err &&
312+
grep "bundle '\''typo'\'' has no uri" err
313+
'
314+
289315
test_done

0 commit comments

Comments
 (0)