Am 19.05.19 um 07:10 schrieb Jeff King:
> diff --git a/transport.c b/transport.c
> index f1fcd2c4b0..ba61e57295 100644
> --- a/transport.c
> +++ b/transport.c
> @@ -1373,7 +1372,15 @@ char *transport_anonymize_url(const char *url)
>               cp = strchr(scheme_prefix + 3, '/');
>               if (cp && cp < anon_part)
>                       goto literal_copy;
> -             prefix_len = scheme_prefix - url + 3;
> +
> +             if (strip_user)
> +                     prefix_len = scheme_prefix - url + 3;
> +             else {
> +                     cp = strchr(scheme_prefix + 3, ':');
> +                     if (cp && cp > anon_part)

Don't you mean this?

                        if (!cp || cp > anon_part)

Or the search could stop at anon_part in the first place:

                        assert(scheme_prefix + 3 < anon_part);
                        cp = memchr(schema_prefix + 3, ':', anon_part - 
schema_prefix - 3);
                        if (!cp)

That whole thing looks fragile.  I wonder if using the official regex
(https://tools.ietf.org/html/rfc3986#appendix-B) would make it easier
and more robust.

> +                             goto literal_copy; /* username only */
> +                     prefix_len = cp - url;

Anyway, you don't want cp == NULL here.

> +             }
>       }
>       return xstrfmt("%.*s%.*s", (int)prefix_len, url,
>                      (int)anon_len, anon_part);

Reply via email to