commit a6f88e332aa24e7cfaae6cdf8f129bf33effcd88
from: Stefan Sperling
date: Wed Mar 18 16:10:33 2020 UTC
make got-fetch-pack sanity check error messages sent by server
commit - 8a29a08527813857e61cd850f6d20b860e6b91b1
commit + a6f88e332aa24e7cfaae6cdf8f129bf33effcd88
blob - 2be1c4774cc00f55fd25ef19a0a9aba0fb3fa5eb
blob + 7ad3862a3ef4a2237172bd72eb254dfacba8929e
--- libexec/got-fetch-pack/got-fetch-pack.c
+++ libexec/got-fetch-pack/got-fetch-pack.c
@@ -407,9 +407,16 @@ fetch_pack(int fd, int packfd, struct got_object_id *p
 }
 if (n == 0)
 break;
- if (strncmp(buf, "ERR ", 4) == 0) {
+ if (n >= 4 && strncmp(buf, "ERR ", 4) == 0) {
 static char msg[1024];
- strlcpy(msg, buf + 4, sizeof(msg));
+ for (i = 0; i < n && i < sizeof(msg) - 1; i++) {
+ if (!isprint(buf[i])) {
+ err = got_error(GOT_ERR_FETCH_FAILED);
+ goto done;
+ }
+ msg[i] = buf[i];
+ }
+ msg[i] = '\0';
 err = got_error_msg(GOT_ERR_FETCH_FAILED, msg);
 goto done;
 }
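Review bot: The new copy loop reads `buf[i]` from index 0, whereas the removed `strlcpy(msg, buf + 4, sizeof(msg))` skipped the 4-byte prefix, so `msg` now carries the literal "ERR " into the error text; if that is not intended, bound the loop with `i < n - 4` (safe after the `n >= 4` check) and copy with `msg[i] = buf[i + 4];`. The `isprint(buf[i])` call receives server-controlled bytes; the declaration of `buf` is outside the hunk, but if it is a plain `char` array, a byte above 0x7f becomes a negative argument on signed-char platforms, which is undefined for the ctype functions, so write `isprint((unsigned char)buf[i + 4])`. A message that fails the check returns the bare `got_error(GOT_ERR_FETCH_FAILED)`, which gives the user no hint that the server's text was rejected; passing a fixed string to `got_error_msg` would make that case diagnosable. fetch_pack's body begins and ends outside the hunk.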