From: Junio C Hamano <junkio@cox.net>
Date: Wed, 28 Feb 2007 07:51:48 +0000 (-0800)
Subject: builtin-fetch--tool: make sure not to overstep ls-remote-result buffer.
X-Git-Tag: v1.5.1-rc1~30^2~3
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/c7d68c80002090bddc1eb740d83818aa0a08bbbe?ds=sidebyside

builtin-fetch--tool: make sure not to overstep ls-remote-result buffer.

Signed-off-by: Junio C Hamano <junkio@cox.net>
---

diff --git a/builtin-fetch--tool.c b/builtin-fetch--tool.c
index 5301c3cb78..eeee0a5ebf 100644
--- a/builtin-fetch--tool.c
+++ b/builtin-fetch--tool.c
@@ -407,6 +407,8 @@ static int expand_refs_wildcard(const char *ls_remote_result, int numrefs,
 			eol = !next ? (ls + strlen(ls)) : next;
 			if (!memcmp("^{}", eol-3, 3))
 				continue;
+			if (eol - ls < 40)
+				continue;
 			if (get_sha1_hex(ls, sha1))
 				continue;
 			ls += 40;