kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity

refname_is_safe(): insist that the refname already be normalized 

The reference name is going to be compared to other reference names, so
it should be in its normalized form.

Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
maint
Michael Haggerty 2016-04-27 12:40:39 +02:00
parent 35db25c65f
commit e40f3557f7
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
refs.c
View File

@ -125,14 +125,19 @@ int refname_is_safe(const char *refname)
if (skip_prefix(refname, "refs/", &rest)) { if (skip_prefix(refname, "refs/", &rest)) {
char *buf; char *buf;
int result; int result;
size_t restlen = strlen(rest);

/* rest must not be empty, or start or end with "/" */
if (!restlen || *rest == '/' || rest[restlen - 1] == '/')
return 0;


/* /*
* Does the refname try to escape refs/? * Does the refname try to escape refs/?
* For example: refs/foo/../bar is safe but refs/foo/../../bar * For example: refs/foo/../bar is safe but refs/foo/../../bar
* is not. * is not.
*/ */
buf = xmallocz(strlen(rest)); buf = xmallocz(restlen);
result = !normalize_path_copy(buf, rest); result = !normalize_path_copy(buf, rest) && !strcmp(buf, rest);
free(buf); free(buf);
return result; return result;
} }