From 68be2fea50e7a34c0e5f9fdf6adb9040c8df197f Mon Sep 17 00:00:00 2001
From: Junio C Hamano <gitster@pobox.com>
Date: Wed, 16 Nov 2011 22:04:13 -0800
Subject: receive-pack, fetch-pack: reject bogus pack that records objects
 twice

When receive-pack & fetch-pack are run and store the pack obtained over
the wire to a local repository, they internally run the index-pack command
with the --strict option. Make sure that we reject incoming packfile that
records objects twice to avoid spreading such a damage.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 pack-write.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'pack-write.c')

diff --git a/pack-write.c b/pack-write.c
index 9cd3bfbb4..f84adde3e 100644
--- a/pack-write.c
+++ b/pack-write.c
@@ -129,6 +129,10 @@ const char *write_idx_file(const char *index_name, struct pack_idx_entry **objec
 		}
 		sha1write(f, obj->sha1, 20);
 		git_SHA1_Update(&ctx, obj->sha1, 20);
+		if ((opts->flags & WRITE_IDX_STRICT) &&
+		    (i && !hashcmp(list[-2]->sha1, obj->sha1)))
+			die("The same object %s appears twice in the pack",
+			    sha1_to_hex(obj->sha1));
 	}
 
 	if (index_version >= 2) {
-- 
cgit v1.2.1