From 0dfed92dfdb95c2f12df7299bb1e606d79185626 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Thu, 5 Sep 2019 18:50:31 -0400 Subject: [PATCH] git-am: handle missing "author" when parsing commit MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit We try to parse the "author" line out of a commit buffer. We handle the case that split_ident_line() doesn't work, but we don't do any error checking that we found an "author" line in the first place! This would cause us to segfault on such a corrupt object. Let's put in an explicit NULL check (we can just die(), which is what a bogus split would do, too). As a bonus, this silences a warning when compiling with gcc 9.2.1 using "-flto -O3", which claims that ident_len may be uninitialized (it would only be if we had a NULL here). Reported-by: Stephan Beyer Helped-by: René Scharfe Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- builtin/am.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/builtin/am.c b/builtin/am.c index 1aea657a7f..ee7305eaa6 100644 --- a/builtin/am.c +++ b/builtin/am.c @@ -1272,7 +1272,9 @@ static void get_commit_info(struct am_state *state, struct commit *commit) buffer = logmsg_reencode(commit, NULL, get_commit_output_encoding()); ident_line = find_commit_header(buffer, "author", &ident_len); - + if (!ident_line) + die(_("missing author line in commit %s"), + oid_to_hex(&commit->object.oid)); if (split_ident_line(&id, ident_line, ident_len) < 0) die(_("invalid ident line: %.*s"), (int)ident_len, ident_line); -- 2.47.1