The resolve_ref_unsafe() function may return NULL even with
a REF_ISSYMREF flag if a symref points to a broken ref. As a
result, it's possible for the decoration code's "is this
branch the current HEAD" check to segfault when it passes
the NULL to starts_with().
This is unlikely in practice, since we can only reach this
code if we already resolved HEAD to a matching sha1 earlier.
But it's possible if HEAD racily becomes broken, or if
there's a transient filesystem error.
We can fix this by returning early in the broken case, since
NULL could not possibly match any of our branch names.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
/* Now resolve and find the matching current branch */
branch_name = resolve_ref_unsafe("HEAD", 0, NULL, &rru_flags);
- if (!(rru_flags & REF_ISSYMREF))
+ if (!branch_name || !(rru_flags & REF_ISSYMREF))
return NULL;
if (!starts_with(branch_name, "refs/"))