kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity

git-check-ref-format: reject funny ref names. 

Update check_ref_format() function to reject ref names that:

 * has a path component that begins with a ".", or
 * has a double dots "..", or
 * has ASCII control character, "~", "^", ":" or SP, anywhere, or
 * ends with a "/".

Use it in 'git-checkout -b', 'git-branch', and 'git-tag' to make sure
that newly created refs are well-formed.

Signed-off-by: Junio C Hamano <junkio@cox.net>
maint
Junio C Hamano 2005-10-15 17:10:14 -07:00
parent 494245d6d1
commit 652d5dc6c0
6 changed files with 103 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -116,7 +116,7 @@ PROGRAMS = \
git-ssh-upload git-tar-tree git-unpack-file \ git-ssh-upload git-tar-tree git-unpack-file \
git-unpack-objects git-update-index git-update-server-info \ git-unpack-objects git-update-index git-update-server-info \
git-upload-pack git-verify-pack git-write-tree \ git-upload-pack git-verify-pack git-write-tree \
git-update-ref git-symbolic-ref \ git-update-ref git-symbolic-ref git-check-ref-format \
$(SIMPLE_PROGRAMS) $(SIMPLE_PROGRAMS)


# Backward compatibility -- to be removed after 1.0 # Backward compatibility -- to be removed after 1.0

17
check-ref-format.c Normal file
View File

@ -0,0 +1,17 @@
/*
* GIT - The information manager from hell
*/

#include "cache.h"
#include "refs.h"

#include <stdio.h>

int main(int ac, char **av)
{
if (ac != 2)
usage("git-check-ref-format refname");
if (check_ref_format(av[1]))
exit(1);
return 0;
}

15
git-branch.sh
View File

@ -13,9 +13,12 @@ If two arguments, create a new branch <branchname> based off of <start-point>.
} }


delete_branch () { delete_branch () {
option="$1" branch_name="$2" option="$1"
shift
headref=$(GIT_DIR="$GIT_DIR" git-symbolic-ref HEAD | headref=$(GIT_DIR="$GIT_DIR" git-symbolic-ref HEAD |
sed -e 's|^refs/heads/||') sed -e 's|^refs/heads/||')
for branch_name
do
case ",$headref," in case ",$headref," in
",$branch_name,") ",$branch_name,")
die "Cannot delete the branch you are on." ;; die "Cannot delete the branch you are on." ;;
@ -37,7 +40,7 @@ delete_branch () {
;; ;;
*) *)
echo >&2 "The branch '$branch_name' is not a strict subset of your current HEAD. echo >&2 "The branch '$branch_name' is not a strict subset of your current HEAD.
If you are sure you want to delete it, run 'git branch -D $branch_name'." If you are sure you want to delete it, run 'git branch -D $branch_name'."
exit 1 exit 1
;; ;;
esac esac
@ -45,6 +48,7 @@ If you are sure you want to delete it, run 'git branch -D $branch_name'."
esac esac
rm -f "$GIT_DIR/refs/heads/$branch_name" rm -f "$GIT_DIR/refs/heads/$branch_name"
echo "Deleted branch $branch_name." echo "Deleted branch $branch_name."
done
exit 0 exit 0
} }


@ -52,7 +56,7 @@ while case "$#,$1" in 0,*) break ;; *,-*) ;; *) break ;; esac
do do
case "$1" in case "$1" in
-d | -D) -d | -D)
delete_branch "$1" "$2" delete_branch "$@"
exit exit
;; ;;
--) --)
@ -93,6 +97,9 @@ branchname="$1"


rev=$(git-rev-parse --verify "$head") || exit rev=$(git-rev-parse --verify "$head") || exit


[ -e "$GIT_DIR/refs/heads/$branchname" ] && die "$branchname already exists" [ -e "$GIT_DIR/refs/heads/$branchname" ] &&
die "$branchname already exists."
git-check-ref-format "heads/$branchname" ||
die "we do not like '$branchname' as a branch name."


echo $rev > "$GIT_DIR/refs/heads/$branchname" echo $rev > "$GIT_DIR/refs/heads/$branchname"

2
git-checkout.sh
View File

@ -17,6 +17,8 @@ while [ "$#" != "0" ]; do
die "git checkout: -b needs a branch name" die "git checkout: -b needs a branch name"
[ -e "$GIT_DIR/refs/heads/$newbranch" ] && [ -e "$GIT_DIR/refs/heads/$newbranch" ] &&
die "git checkout: branch $newbranch already exists" die "git checkout: branch $newbranch already exists"
git-check-ref-format "heads/$newbranch" ||
die "we do not like '$newbranch' as a branch name."
;; ;;
"-f") "-f")
force=1 force=1

2
git-tag.sh
View File

@ -46,6 +46,8 @@ if [ -e "$GIT_DIR/refs/tags/$name" -a -z "$force" ]; then
die "tag '$name' already exists" die "tag '$name' already exists"
fi fi
shift shift
git-check-ref-format "tags/$name" ||
die "we do not like '$name' as a tag name."


object=$(git-rev-parse --verify --default HEAD "$@") || exit 1 object=$(git-rev-parse --verify --default HEAD "$@") || exit 1
type=$(git-cat-file -t $object) || exit 1 type=$(git-cat-file -t $object) || exit 1

47
refs.c
View File

@ -335,17 +335,54 @@ int write_ref_sha1(const char *ref, int fd, const unsigned char *sha1)
return retval; return retval;
} }


/*
* Make sure "ref" is something reasonable to have under ".git/refs/";
* We do not like it if:
*
* - any path component of it begins with ".", or
* - it has double dots "..", or
* - it has ASCII control character, "~", "^", ":" or SP, anywhere, or
* - it ends with a "/".
*/

static inline int bad_ref_char(int ch)
{
return (((unsigned) ch) <= ' ' ||
ch == '~' || ch == '^' || ch == ':');
}

int check_ref_format(const char *ref) int check_ref_format(const char *ref)
{ {
char *middle; int ch, level;
if (ref[0] == '.' || ref[0] == '/') const char *cp = ref;

level = 0;
while (1) {
while ((ch = *cp++) == '/')
; /* tolerate duplicated slashes */
if (!ch)
return -1; /* should not end with slashes */

/* we are at the beginning of the path component */
if (ch == '.' || bad_ref_char(ch))
return -1; return -1;
middle = strchr(ref, '/');
if (!middle || !middle[1]) /* scan the rest of the path component */
while ((ch = *cp++) != 0) {
if (bad_ref_char(ch))
return -1; return -1;
if (strchr(middle + 1, '/')) if (ch == '/')
break;
if (ch == '.' && *cp == '.')
return -1; return -1;
}
level++;
if (!ch) {
if (level < 2)
return -1; /* at least of form "heads/blah" */
return 0; return 0;
}
}
} }


int write_ref_sha1_unlocked(const char *ref, const unsigned char *sha1) int write_ref_sha1_unlocked(const char *ref, const unsigned char *sha1)