Merge branch 'md/url-parse-harden'

gitster · gitster · commit f9089e8491fd · 2019-06-21T11:24:12.000-07:00
The URL decoding code has been updated to avoid going past the end
of the string while parsing %-&lt;hex&gt;-&lt;hex&gt; sequence.

* md/url-parse-harden:
  url: do not allow %00 to represent NUL in URLs
  url: do not read past end of buffer
diff --git a/url.c b/url.c
@@ -46,9 +46,9 @@ static char *url_decode_internal(const char **query, int len,
 			break;
 		}
 
-		if (c == '%') {
+		if (c == '%' && (len < 0 || len >= 3)) {
 			int val = hex2chr(q + 1);
-			if (0 <= val) {
+			if (0 < val) {
 				strbuf_addch(out, val);
 				q += 3;
 				len -= 3;
