From: René Scharfe <l.s.r@web.de>
Date: Sat, 6 May 2017 17:13:52 +0000 (+0200)
Subject: checkout: check return value of resolve_refdup before using hash
X-Git-Tag: v2.13.1~18^2~1
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/79e913c24aa37d0ede9ed9e8962a19634ae5129a?ds=inline;hp=--cc

checkout: check return value of resolve_refdup before using hash

If resolve_refdup() fails it returns NULL and possibly leaves its hash
output parameter untouched.  Make sure to use it only if the function
succeeded, in order to avoid accessing uninitialized memory.

Found with t/t2011-checkout-invalid-head.sh --valgrind.

Signed-off-by: Rene Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

79e913c24aa37d0ede9ed9e8962a19634ae5129a
diff --git a/builtin/checkout.c b/builtin/checkout.c
index 81f07c3ef2..5744499098 100644
--- a/builtin/checkout.c
+++ b/builtin/checkout.c
@@ -814,7 +814,8 @@ static int switch_branches(const struct checkout_opts *opts,
 	int flag, writeout_error = 0;
 	memset(&old, 0, sizeof(old));
 	old.path = path_to_free = resolve_refdup("HEAD", 0, rev.hash, &flag);
-	old.commit = lookup_commit_reference_gently(rev.hash, 1);
+	if (old.path)
+		old.commit = lookup_commit_reference_gently(rev.hash, 1);
 	if (!(flag & REF_ISSYMREF))
 		old.path = NULL;