url: do not allow %00 to represent NUL in URLs

There is no reason to allow %00 to terminate a string, so do not allow it. Otherwise, we end up returning arbitrary content in the string (that which is after the %00) which is effectively hidden from callers and can escape sanity checks and validation, and possible be used in tandem with a security vulnerability to introduce a payload. Helped-by: N brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: N Matthew DeVore <matvore@google.com> Signed-off-by: N Junio C Hamano <gitster@pobox.com>

url: do not allow %00 to represent NUL in URLs
There is no reason to allow %00 to terminate a string, so do not allow it. Otherwise, we end up returning arbitrary content in the string (that which is after the %00) which is effectively hidden from callers and can escape sanity checks and validation, and possible be used in tandem with a security vulnerability to introduce a payload. Helped-by: N brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: N Matthew DeVore <matvore@google.com> Signed-off-by: N Junio C Hamano <gitster@pobox.com>
d37dc239 · Matthew DeVore · Junio C Hamano · 3f6b8a61 · d37dc239
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

url.c url.c +1 -1

未找到文件。
--- a/url.c
+++ b/url.c
@@ -48,7 +48,7 @@ static char *url_decode_internal(const char **query, int len,

 		if (c == '%' && (len < 0 || len >= 3)) {
 			int val = hex2chr(q + 1);
-			if (0 <= val) {
+			if (0 < val) {
 				strbuf_addch(out, val);
 				q += 3;
 				len -= 3;