Crash when using path limit in ui-patch.c

[Florian Pritz]

Hi,

I get the following backtrace when trying to use the path limit feature
while getting a patch.

> #0  0x0000000000467bb5 in prefix_pathspec (item=0x77ba48, p_short_magic=0x7fffffffb2e8, raw=0x76e488, flags=0, prefix=0x0, prefixlen=0, elt=0x3637353238343130 <error: Cannot access memory at address 0x3637353238343130>) at pathspec.c:149
> #1  0x0000000000468872 in parse_pathspec (pathspec=0x7fffffffc550, magic_mask=0, flags=0, prefix=0x0, argv=0x76e480) at pathspec.c:418
> #2  0x0000000000487efb in setup_revisions (argc=4, argv=0x7fffffffc430, revs=0x7fffffffc500, opt=0x0) at revision.c:2253
> #3  0x00000000004135eb in cgit_print_patch (new_rev=0x791670 "03c580a9b31fb82187de3c882bc274441c41847d", old_rev=0x0, prefix=0x76dfd0 "application/libraries") at ../ui-patch.c:88
> #4  0x0000000000409534 in patch_fn () at ../cmd.c:119
> #5  0x0000000000407281 in process_request () at ../cgit.c:744
> #6  0x0000000000408d2b in cache_process (size=0, path=0x4fc87a "/var/cache/cgit", key=0x777670 "users/flo/filebin/patch/application/libraries?id=03c580a9b31fb82187de3c882bc274441c41847d", ttl=-1, fn=0x407141 <process_request>) at ../cache.c:367
> #7  0x00000000004083aa in cmd_main (argc=1, argv=0x7fffffffe048) at ../cgit.c:1092
> #8  0x000000000041d40b in main (argc=1, argv=0x7fffffffe048) at common-main.c:40

I'm not exactly sure what is going on, but I don't have the time to
debug so I cobbled together a quick test case for this which you can
view here: https://paste.xinu.at/vgCm/

The test "works" before commit 5fe88a9c81517b1a8a93d930c738cbb6f71dec2a
since that introduces the feature and using the path limit doesn't
actually change the output. It's just a quick reproducer.

Florian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20161124/fdd9f10f/attachment.asc>