From: Jeff King Date: Wed, 15 Sep 2021 18:35:29 +0000 (-0400) Subject: serve: drop "keys" strvec X-Git-Tag: v2.34.0-rc0~116^2~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f0a35c9ce52ade69311ab3b8cb111e145eb7b875;p=thirdparty%2Fgit.git serve: drop "keys" strvec We collect the set of capabilities the client sends us in a strvec. While this is usually small, there's no limit to the number of capabilities the client can send us (e.g., they could just send us "agent" pkt-lines over and over, and we'd keep adding them to the list). Since all code has been converted away from using this list, let's get rid of it. This avoids a potential attack where clients waste our memory. Note that we do have to replace it with a flag, because some of the flush-packet logic checks whether we've seen any valid commands or keys. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- diff --git a/serve.c b/serve.c index 6bbf54cbbe..1a7c8a118f 100644 --- a/serve.c +++ b/serve.c @@ -239,7 +239,7 @@ static int process_request(void) { enum request_state state = PROCESS_REQUEST_KEYS; struct packet_reader reader; - struct strvec keys = STRVEC_INIT; + int seen_capability_or_command = 0; struct protocol_capability *command = NULL; packet_reader_init(&reader, 0, NULL, 0, @@ -260,10 +260,9 @@ static int process_request(void) case PACKET_READ_EOF: BUG("Should have already died when seeing EOF"); case PACKET_READ_NORMAL: - /* collect request; a sequence of keys and values */ if (parse_command(reader.line, &command) || receive_client_capability(reader.line)) - strvec_push(&keys, reader.line); + seen_capability_or_command = 1; else die("unknown capability '%s'", reader.line); @@ -275,7 +274,7 @@ static int process_request(void) * If no command and no keys were given then the client * wanted to terminate the connection. */ - if (!keys.nr) + if (!seen_capability_or_command) return 1; /* @@ -309,7 +308,6 @@ static int process_request(void) command->command(the_repository, &reader); - strvec_clear(&keys); return 0; }