promisor-remote: reject empty name or URL in advertised remote

In parse_one_advertised_remote(), we check for a NULL remote name and
remote URL, but not for empty ones. An empty URL seems possible as
url_percent_decode("") doesn't return NULL.

In promisor_config_info_list(), we ignore remotes with empty URLs, so a
Git server should not advertise remotes with empty URLs. It's possible
that a buggy or malicious server would do it though.

So let's tighten the check in parse_one_advertised_remote() to also
reject empty strings at parse time.

Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/promisor-remote.c b/promisor-remote.c
index 8e062ec16098ac098a05f7b7b4c5f1423f34f9b8..8322349ae8ba87e9b1e0459fd1a4ffbbceb8c982 100644 (file)
--- a/promisor-remote.c
+++ b/promisor-remote.c
@@ -722,7 +722,7 @@ static struct promisor_info *parse_one_advertised_remote(const char *remote_info
 
        string_list_clear(&elem_list, 0);
 
-       if (!info->name || !info->url) {
+       if (!info->name || !*info->name || !info->url || !*info->url) {
                warning(_("server advertised a promisor remote without a name or URL: '%s', "
                          "ignoring this remote"), remote_info);
                promisor_info_free(info);