git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Junio C Hamano <junkio@cox.net>
To: git@vger.kernel.org
Subject: [PATCH] Refuse to create funny refs in clone-pack, git-fetch and receive-pack.
Date: Wed, 12 Oct 2005 15:01:46 -0700	[thread overview]
Message-ID: <7vzmpebdit.fsf@assigned-by-dhcp.cox.net> (raw)
In-Reply-To: 7v4q7mip30.fsf@assigned-by-dhcp.cox.net

Using git-check-ref-format, make sure we do not create refs with
funny names when cloning from elsewhere (clone-pack), fast forwarding
local heads (git-fetch), or somebody pushes into us (receive-pack).

Signed-off-by: Junio C Hamano <junkio@cox.net>

---

 * This is the second installment.  Cloning over HTTP uses the
   commit walker '-w' ref updates, and should already be covered
   by the previous "check_ref_format()" updates.

 clone-pack.c        |    6 ++++++
 git-parse-remote.sh |    6 ++++++
 receive-pack.c      |    4 ++++
 3 files changed, 16 insertions(+), 0 deletions(-)

applies-to: 409fe70483c97167e9b7d396334ec5f96932694d
8da42e4b3363de13ede2f006ad96ee8268e52250
diff --git a/clone-pack.c b/clone-pack.c
index c102ca8..48bee96 100644
--- a/clone-pack.c
+++ b/clone-pack.c
@@ -34,6 +34,12 @@ static void write_one_ref(struct ref *re
 	int fd;
 	char *hex;
 
+	if (!strncmp(ref->name, "refs/", 5) &&
+	    check_ref_format(ref->name + 5)) {
+		error("refusing to create funny ref '%s' locally", ref->name);
+		return;
+	}
+
 	if (safe_create_leading_directories(path))
 		die("unable to create leading directory for %s", ref->name);
 	fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0666);
diff --git a/git-parse-remote.sh b/git-parse-remote.sh
index 5e75e15..aea7b0e 100755
--- a/git-parse-remote.sh
+++ b/git-parse-remote.sh
@@ -94,6 +94,12 @@ canon_refs_list_for_fetch () {
 		heads/* | tags/* ) local="refs/$local" ;;
 		*) local="refs/heads/$local" ;;
 		esac
+
+		if local_ref_name=$(expr "$local" : 'refs/\(.*\)')
+		then
+		   git-check-ref-format "$local_ref_name" ||
+		   die "* refusing to create funny ref '$local_ref_name' locally"
+		fi
 		echo "${dot_prefix}${force}${remote}:${local}"
 		dot_prefix=.
 	done
diff --git a/receive-pack.c b/receive-pack.c
index 06857eb..8f157bc 100644
--- a/receive-pack.c
+++ b/receive-pack.c
@@ -95,6 +95,10 @@ static int update(const char *name,
 	char new_hex[60], *old_hex, *lock_name;
 	int newfd, namelen, written;
 
+	if (!strncmp(name, "refs/", 5) && check_ref_format(name + 5))
+		return error("refusing to create funny ref '%s' locally",
+			     name);
+
 	namelen = strlen(name);
 	lock_name = xmalloc(namelen + 10);
 	memcpy(lock_name, name, namelen);
---
0.99.8.GIT

  parent reply	other threads:[~2005-10-12 22:01 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <46a038f90510062014l7f5740e0l77fc53b50f822e8f@mail.gmail.com>
     [not found] ` <46a038f90510082014i6b296f2bvbac56e25344cbdf2@mail.gmail.com>
2005-10-10  4:26   ` Strangely broken git repo Martin Langhoff (CatalystIT)
2005-10-10  9:00     ` Junio C Hamano
2005-10-10 14:54       ` Linus Torvalds
2005-10-10 15:21         ` Linus Torvalds
2005-10-10 18:19           ` Morten Welinder
2005-10-10 18:23             ` Linus Torvalds
2005-10-10 18:30             ` Johannes Schindelin
2005-10-11  4:29       ` Quote reference names while fetching with curl Junio C Hamano
2005-10-11  5:07         ` [PATCH] git-fetch --tags: deal with tags with spaces in them Junio C Hamano
2005-10-11  6:04           ` Junio C Hamano
2005-10-12  5:29             ` Junio C Hamano
2005-10-12  8:26               ` Petr Baudis
2005-10-12 15:36               ` H. Peter Anvin
2005-10-12 15:47                 ` H. Peter Anvin
2005-10-12 18:57                   ` Junio C Hamano
2005-10-12 18:10                 ` Junio C Hamano
2005-10-12 22:01                   ` [PATCH] git-check-ref-format: reject funny ref names Junio C Hamano
2005-10-12 22:01                   ` Junio C Hamano [this message]
2005-10-11 19:55           ` [PATCH] git-fetch --tags: deal with tags with spaces in them Matthias Urlichs
2005-10-12  3:26       ` Strangely broken git repo Nick Hengeveld
2005-10-12  4:22         ` Junio C Hamano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7vzmpebdit.fsf@assigned-by-dhcp.cox.net \
    --to=junkio@cox.net \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).