commit 8991a328535f89f3f2257269f5c2d3fcec8bda69
from: Stefan Sperling <stsp@stsp.name>
date: Thu Aug 26 07:08:48 2021 UTC

add a missing bounds-check in got-fetch-pack when parsing server response

The tokenize_refline() function could end up reading past the end of
the buffer if the refline is not terminated with whitespace or \0.

commit - a90356f7c470563a35922c4cbb01824558dcf207
commit + 8991a328535f89f3f2257269f5c2d3fcec8bda69
blob - d3181d5e845b3b24479c5a38d23fb330c12ff499
blob + 7666d8a45ed09a018f2f8aa871943aa38616db3c
--- libexec/got-fetch-pack/got-fetch-pack.c
+++ libexec/got-fetch-pack/got-fetch-pack.c
@@ -294,7 +294,7 @@ tokenize_refline(char **tokens, char *line, int len, i
 			n++;
 		}
 		p = line;
-		while (*line != '\0' &&
+		while (*line != '\0' && n < len &&
 		    (!isspace(*line) || i == maxtokens - 1)) {
 			line++;
 			n++;