index: fix NULL pointer access in index_remove_entry

When removing an entry from the index by its position, we first retrieve the position from the index's entries and then try to remove the retrieved value from the index map with `DELETE_IN_MAP`. When `index_remove_entry` returns `NULL` we try to feed it into the `DELETE_IN_MAP` macro, which will unconditionally call `idxentry_hash` and then happily dereference the `NULL` entry pointer. Fix the issue by not passing a `NULL` entry into `DELETE_IN_MAP`.
author: Patrick Steinhardt <ps@pks.im> 2016-06-07 08:35:26 +0200
committer: Carlos Martín Nieto <cmn@dwim.me> 2016-10-01 17:40:37 +0200
commit: 246d25b3ce218d2d300f60e75528c2fbe83f8db5 (patch)
tree: c811d0d797c013c092c214eb2d803981b0dfeef1
parent: 1a7096043645da9f44dad15a51a8034f3e716b5b (diff)
download: libgit2-246d25b3ce218d2d300f60e75528c2fbe83f8db5.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/src/index.c b/src/index.c
index 20ab6a19d..32f585faf 100644
--- a/src/index.c
+++ b/src/index.c
@@ -505,10 +505,11 @@ static int index_remove_entry(git_index *index, size_t pos)
 	int error = 0;
 	git_index_entry *entry = git_vector_get(&index->entries, pos);
 
-	if (entry != NULL)
+	if (entry != NULL) {
 		git_tree_cache_invalidate_path(index->tree, entry->path);
+		DELETE_IN_MAP(index, entry);
+	}
 
-	DELETE_IN_MAP(index, entry);
 	error = git_vector_remove(&index->entries, pos);
 
 	if (!error) {
author	Patrick Steinhardt <ps@pks.im>	2016-06-07 08:35:26 +0200
committer	Carlos Martín Nieto <cmn@dwim.me>	2016-10-01 17:40:37 +0200
commit	246d25b3ce218d2d300f60e75528c2fbe83f8db5 (patch)
tree	c811d0d797c013c092c214eb2d803981b0dfeef1
parent	1a7096043645da9f44dad15a51a8034f3e716b5b (diff)
download	libgit2-246d25b3ce218d2d300f60e75528c2fbe83f8db5.tar.gz