
Commit 79bbc7f

Johannes Sixtgitster
authored andcommitted
git-remote: do not use user input in a printf format string
'git remote show' substituted the remote name into a string that was later used as a printf format string. If a remote name contains a printf format specifier like this: $ git remote add foo%sbar . then the command $ git remote show foo%sbar would print garbage (if you are lucky) or crash. This fixes it. Signed-off-by: Johannes Sixt <[email protected]> Signed-off-by: Junio C Hamano <[email protected]>
1 parent cc185a6 commit 79bbc7f


1 file changed

+8
-10
lines changed

1 file changed

+8
-10
lines changed

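--- a/builtin-remote.c
+++ b/builtin-remote.c
@@ -407,14 +407,15 @@ static int rm(int argc, const char **argv)
 return i;
 }
 
-static void show_list(const char *title, struct string_list *list)
+static void show_list(const char *title, struct string_list *list,
+const char *extra_arg)
 {
 int i;
 
 if (!list->nr)
 return;
 
-printf(title, list->nr > 1 ? "es" : "");
+printf(title, list->nr > 1 ? "es" : "", extra_arg);
 printf("\n ");
 for (i = 0; i < list->nr; i++)
 printf("%s%s", i ? " " : "", list->items[i].string);
@@ -477,7 +478,6 @@ static int show(int argc, const char **argv)
 
 memset(&states, 0, sizeof(states));
 for (; argc; argc--, argv++) {
-struct strbuf buf;
 int i;
 
 get_remote_ref_states(*argv, &states, !no_query);
@@ -503,18 +503,16 @@ static int show(int argc, const char **argv)
 }
 
 if (!no_query) {
-strbuf_init(&buf, 0);
-strbuf_addf(&buf, " New remote branch%%s (next fetch "
-"will store in remotes/%s)", states.remote->name);
-show_list(buf.buf, &states.new);
-strbuf_release(&buf);
+show_list(" New remote branch%s (next fetch "
+"will store in remotes/%s)",
+&states.new, states.remote->name);
 show_list(" Stale tracking branch%s (use 'git remote "
-"prune')", &states.stale);
+"prune')", &states.stale, "");
 }
 
 if (no_query)
 for_each_ref(append_ref_to_tracked_list, &states);
-show_list(" Tracked remote branch%s", &states.tracked);
+show_list(" Tracked remote branch%s", &states.tracked, "");
 
 if (states.remote->push_refspec_nr) {
 printf(" Local branch%s pushed with 'git push'\n ",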
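Review bot: In `show_list()` the `title` parameter is still passed to `printf` as the format string (`printf(title, list->nr > 1 ? "es" : "", extra_arg);`), so the compiler cannot match specifiers against arguments and the function is only safe while every caller passes a literal containing at most two `%s`. The commit moves the remote name out of the format, which closes the reported case, but nothing on the function states that contract. I would add a comment above the definition, e.g. `/* title: literal printf format; 1st %s = plural suffix, optional 2nd %s = extra_arg. Never pass user-derived text. */`, and note there that the `""` passed by the stale and tracked callers is a deliberately unused surplus argument. Building with `-Wformat-nonliteral` would keep this call visible in review. `show_list()` continues past the end of the first hunk and `show()` starts and ends outside the hunks, so any other callers are not visible here.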
