From 7c1a278d99a18445e12bd55e308cd69080963198 Mon Sep 17 00:00:00 2001
From: Petr Baudis <pasky@suse.cz>
Date: Sat, 23 Sep 2006 01:08:45 +0200
Subject: Fix buggy ref recording

There is a format string vulnerability introduced with the packed refs
file format.

Signed-off-by: Petr Baudis <pasky@suse.cz>
Signed-off-by: Junio C Hamano <junkio@cox.net>
---
 refs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'refs.c')

diff --git a/refs.c b/refs.c
index 40f16af18..5fdf9c413 100644
--- a/refs.c
+++ b/refs.c
@@ -472,7 +472,7 @@ static struct ref_lock *lock_ref_sha1_basic(const char *ref,
 
 	lock->ref_name = xstrdup(ref);
 	lock->log_file = xstrdup(git_path("logs/%s", ref));
-	ref_file = git_path(ref);
+	ref_file = git_path("%s", ref);
 	lock->force_write = lstat(ref_file, &st) && errno == ENOENT;
 
 	if (safe_create_leading_directories(ref_file))
-- 
cgit v1.2.1