author | Lukas Fleischer <cgit@cryptocrack.de> | 2011-04-05 08:38:53 (UTC) |
---|---|---|
committer | Lars Hjemli <hjemli@gmail.com> | 2011-05-23 20:58:35 (UTC) |
commit | 9afc883297b0d0943e9b358d2299950f33e8e5ed (patch) (side-by-side diff) | |
tree | 27e81428c0a6ad4bbdf5633fc95b946b4a631d30 | |
parent | a0bf375a1a9b74056a913f3687c6f5b42ad4acf6 (diff) | |
download | cgit-9afc883297b0d0943e9b358d2299950f33e8e5ed.zip cgit-9afc883297b0d0943e9b358d2299950f33e8e5ed.tar.gz cgit-9afc883297b0d0943e9b358d2299950f33e8e5ed.tar.bz2 |
Avoid null pointer dereference in cgit_print_diff().
When calling cgit_print_diff() with a bad new_rev and a NULL old_rev,
checking for new_rev's parent commit will result in a null pointer
dereference. Returning on an invalid commit before dereferencing fixes
this. Spotted with clang-analyzer.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r-- | ui-diff.c | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -342,14 +342,16 @@ void cgit_print_diff(const char *new_rev, const char *old_rev, const char *prefi type = sha1_object_info(new_rev_sha1, &size); if (type == OBJ_BAD) { cgit_print_error(fmt("Bad object name: %s", new_rev)); return; } commit = lookup_commit_reference(new_rev_sha1); - if (!commit || parse_commit(commit)) + if (!commit || parse_commit(commit)) { cgit_print_error(fmt("Bad commit: %s", sha1_to_hex(new_rev_sha1))); + return; + } if (old_rev) get_sha1(old_rev, old_rev_sha1); else if (commit->parents && commit->parents->item) hashcpy(old_rev_sha1, commit->parents->item->object.sha1); else @@ -359,14 +361,16 @@ void cgit_print_diff(const char *new_rev, const char *old_rev, const char *prefi type = sha1_object_info(old_rev_sha1, &size); if (type == OBJ_BAD) { cgit_print_error(fmt("Bad object name: %s", sha1_to_hex(old_rev_sha1))); return; } commit2 = lookup_commit_reference(old_rev_sha1); - if (!commit2 || parse_commit(commit2)) + if (!commit2 || parse_commit(commit2)) { cgit_print_error(fmt("Bad commit: %s", sha1_to_hex(old_rev_sha1))); + return; + } } if ((ctx.qry.ssdiff && !ctx.cfg.ssdiff) || (!ctx.qry.ssdiff && ctx.cfg.ssdiff)) use_ssdiff = 1; print_ssdiff_link(); |