1. Stefan Saasen
  2. git

Commits

Linus Torvalds  committed c922b01

grep: fix segfault when "git grep '('" is given

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

  • Participants
  • Parent commits d649048
  • Branches master

Comments (0)

Files changed (2)

File grep.c

View file
  • Ignore whitespace
 	struct grep_expr *x;
 
 	p = *list;
+	if (!p)
+		return NULL;
 	switch (p->token) {
 	case GREP_PATTERN: /* atom */
 	case GREP_PATTERN_HEAD:
 	case GREP_OPEN_PAREN:
 		*list = p->next;
 		x = compile_pattern_or(list);
-		if (!x)
-			return NULL;
 		if (!*list || (*list)->token != GREP_CLOSE_PAREN)
 			die("unmatched parenthesis");
 		*list = (*list)->next;
 	struct grep_expr *x;
 
 	p = *list;
+	if (!p)
+		return NULL;
 	switch (p->token) {
 	case GREP_NOT:
 		if (!p->next)
 {
 	int h = 0;
 
+	if (!x)
+		die("Not a valid grep expression");
 	switch (x->node) {
 	case GREP_NODE_ATOM:
 		h = match_one_pattern(o, x->u.atom, bol, eol, ctx);

File t/t7002-grep.sh

View file
  • Ignore whitespace
 	git commit -m initial
 '
 
+test_expect_success 'grep should not segfault with a bad input' '
+	test_must_fail git grep "("
+'
+
 for H in HEAD ''
 do
 	case "$H" in