From a2f9fe92ebfdf9b5c458642fa0bf32b17433c6c1 Mon Sep 17 00:00:00 2001
From: Junio C Hamano <junkio@cox.net>
Date: Mon, 29 Jan 2007 00:57:07 -0800
Subject: lock_any_ref_for_update(): do not accept malformatted refs.

We used to use lock_any_ref_for_update() because the command
needs to also update HEAD (which is not under refs/, so
lock_ref_sha1() cannot be used).  The function however did not
check for refs with illegal characters in them.

Use check_ref_format() to catch malformed refs.  For this check,
we specifically do not want to say having less than two levels
in the name is illegal to allow HEAD (and perhaps other special
refs in the future).

Signed-off-by: Junio C Hamano <junkio@cox.net>
---
 refs.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'refs.c')

diff --git a/refs.c b/refs.c
index 12e46b8bbe..3db444cad2 100644
--- a/refs.c
+++ b/refs.c
@@ -710,6 +710,8 @@ struct ref_lock *lock_ref_sha1(const char *ref, const unsigned char *old_sha1)
 
 struct ref_lock *lock_any_ref_for_update(const char *ref, const unsigned char *old_sha1)
 {
+	if (check_ref_format(ref) == -1)
+		return NULL;
 	return lock_ref_sha1_basic(ref, old_sha1, NULL);
 }
 
-- 
cgit v1.2.3