On Mon, Sep 19, 2022 at 11:01:51PM +1000, Mark Jamsek wrote:
> @@ -843,12 +844,23 @@ cmd_import(int argc, char *argv[])
>  	 * While technically a valid reference name, this case is usually
>  	 * an unintended typo.
>  	 */
> -	if (branch_name[0] == '-')
> +	if (branch_name && branch_name[0] == '-')
>  		return got_error_path(branch_name, GOT_ERR_REF_NAME_MINUS);
>  
> -	if (asprintf(&refname, "refs/heads/%s", branch_name) == -1) {
> -		error = got_error_from_errno("asprintf");
> +	error = got_ref_open(&head_ref, repo, GOT_REF_HEAD, 0);
> +	if (error && error->code != GOT_ERR_NOT_REF)
>  		goto done;
> +
> +	if (branch_name)
> +		n = strlcat(refname, branch_name, sizeof(refname));
> +	else if (head_ref)
> +		n = strlcpy(refname, got_ref_get_symref_target(head_ref),
> +		    sizeof(refname));

We segfault here is head_ref is not actually a symbolic reference.
Add an extra check using got_ref_is_symbolic() is avoid this.

$ cat t/.git/HEAD                              
a6595b659681118f302825765ca19ec034bd4d49
$ ls y/
a  b
$ got import -r t y
Segmentation fault (core dumped)

The above situation was created in a non-bare repository with the
command: git checkout a6595b659681118f302825765ca19ec034bd4d49