src/transports · bc349045b1be8fb3af2b02d8554483869e54d5b8 · lvzhengyang / git2

smart_pkt: fix buffer overflow when parsing "ACK" packets · bc349045

We are being quite lenient when parsing "ACK" packets. First, we didn't
correctly verify that we're not overrunning the provided buffer length,
which we fix here by using `git__prefixncmp` instead of
`git__prefixcmp`. Second, we do not verify that the actual contents make
any sense at all, as we simply ignore errors when parsing the ACKs OID
and any unknown status strings. This may result in a parsed packet
structure with invalid contents, which is being silently passed to the
caller. This is being fixed by performing proper input validation and
checking of return codes.

committed Oct 03, 2018

bc349045

Name	Last commit	Last update
..
auth.c		Loading commit data...
auth.h		Loading commit data...
auth_negotiate.c		Loading commit data...
auth_negotiate.h		Loading commit data...
cred.c		Loading commit data...
cred.h		Loading commit data...
cred_helpers.c		Loading commit data...
git.c		Loading commit data...
http.c		Loading commit data...
http.h		Loading commit data...
local.c		Loading commit data...
smart.c		Loading commit data...
smart.h		Loading commit data...
smart_pkt.c		Loading commit data...
smart_protocol.c		Loading commit data...
ssh.c		Loading commit data...
ssh.h		Loading commit data...
winhttp.c		Loading commit data...