Merge branch 'jk/http-walker-buffer-underflow-fix' into maint

"Dumb http" transport used to misparse a nonsense http-alternates
response, which has been fixed.

* jk/http-walker-buffer-underflow-fix:
http-walker: fix buffer underflow processing remote alternates

diff --git a/http-walker.c b/http-walker.c
index b34b6ace7cd80a482eae16e2063aa9d8960e8729..507c200f004a0d1e295a6ffe876667ddf20db3bf 100644 (file)
--- a/http-walker.c
+++ b/http-walker.c
@@ -296,13 +296,16 @@ static void process_alternates_response(void *callback_data)
                                        okay = 1;
                                }
                        }
-                       /* skip "objects\n" at end */
                        if (okay) {
                                struct strbuf target = STRBUF_INIT;
                                strbuf_add(&target, base, serverlen);
-                               strbuf_add(&target, data + i, posn - i - 7);
-
-                               if (is_alternate_allowed(target.buf)) {
+                               strbuf_add(&target, data + i, posn - i);
+                               if (!strbuf_strip_suffix(&target, "objects")) {
+                                       warning("ignoring alternate that does"
+                                               " not end in 'objects': %s",
+                                               target.buf);
+                                       strbuf_release(&target);
+                               } else if (is_alternate_allowed(target.buf)) {
                                        warning("adding alternate object store: %s",
                                                target.buf);
                                        newalt = xmalloc(sizeof(*newalt));