From: Thalia Archibald <thalia@archibald.dev>
To: git@vger.kernel.org
Cc: Patrick Steinhardt <ps@pks.im>, Elijah Newren <newren@gmail.com>,
Thalia Archibald <thalia@archibald.dev>
Subject: [PATCH v2 7/8] fast-import: forbid escaped NUL in paths
Date: Mon, 01 Apr 2024 09:03:50 +0000 [thread overview]
Message-ID: <c087c6a8604ddcbda5f09bb41fb9d7e746ed9c55.1711960552.git.thalia@archibald.dev> (raw)
In-Reply-To: <cover.1711960552.git.thalia@archibald.dev>
NUL cannot appear in paths. Even disregarding filesystem path
limitations, the tree object format delimits with NUL, so such a path
cannot be encoded by Git.
When a quoted path is unquoted, it could possibly contain NUL from
"\000". Forbid it so it isn't truncated.
fast-import still has other issues with NUL, but those will be addressed
later.
Signed-off-by: Thalia Archibald <thalia@archibald.dev>
---
Documentation/git-fast-import.txt | 1 +
builtin/fast-import.c | 2 ++
t/t9300-fast-import.sh | 1 +
3 files changed, 4 insertions(+)
diff --git a/Documentation/git-fast-import.txt b/Documentation/git-fast-import.txt
index db53b50268..edda30f90c 100644
--- a/Documentation/git-fast-import.txt
+++ b/Documentation/git-fast-import.txt
@@ -660,6 +660,7 @@ and must be in canonical form. That is it must not:
The root of the tree can be represented by an empty string as `<path>`.
+`<path>` cannot contain NUL, either literally or escaped as `\000`.
It is recommended that `<path>` always be encoded using UTF-8.
`filedelete`
diff --git a/builtin/fast-import.c b/builtin/fast-import.c
index fc6eeaf89c..9d0f53fe04 100644
--- a/builtin/fast-import.c
+++ b/builtin/fast-import.c
@@ -2268,6 +2268,8 @@ static void parse_path(struct strbuf *sb, const char *p, const char **endp, int
if (*p == '"') {
if (unquote_c_style(sb, p, endp))
die("Invalid %s: %s", field, command_buf.buf);
+ if (strlen(sb->buf) != sb->len)
+ die("NUL in %s: %s", field, command_buf.buf);
} else {
if (include_spaces)
*endp = p + strlen(p);
diff --git a/t/t9300-fast-import.sh b/t/t9300-fast-import.sh
index e10962dffe..794a96df38 100755
--- a/t/t9300-fast-import.sh
+++ b/t/t9300-fast-import.sh
@@ -3294,6 +3294,7 @@ test_path_base_fail () {
local change="$1" prefix="$2" field="$3" suffix="$4"
test_path_fail "$change" 'unclosed " in '"$field" "$prefix" '"hello.c' "$suffix" "Invalid $field"
test_path_fail "$change" "invalid escape in quoted $field" "$prefix" '"hello\xff"' "$suffix" "Invalid $field"
+ test_path_fail "$change" "escaped NUL in quoted $field" "$prefix" '"hello\000"' "$suffix" "NUL in $field"
}
test_path_eol_quoted_fail () {
local change="$1" prefix="$2" field="$3" suffix="$4"
--
2.44.0
next prev parent reply other threads:[~2024-04-01 9:03 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-22 0:03 [PATCH 0/6] fast-import: tighten parsing of paths Thalia Archibald
2024-03-22 0:03 ` [PATCH 1/6] " Thalia Archibald
2024-03-22 0:11 ` Thalia Archibald
2024-03-28 8:21 ` Patrick Steinhardt
[not found] ` <E01C617F-3720-42C0-83EE-04BB01643C86@archibald.dev>
2024-04-01 9:05 ` Thalia Archibald
2024-03-22 0:03 ` [PATCH 2/6] fast-import: directly use strbufs for paths Thalia Archibald
2024-03-28 8:21 ` Patrick Steinhardt
2024-03-22 0:03 ` [PATCH 3/6] fast-import: release unfreed strbufs Thalia Archibald
2024-03-28 8:21 ` Patrick Steinhardt
2024-04-01 9:06 ` Thalia Archibald
2024-03-22 0:03 ` [PATCH 4/6] fast-import: remove dead strbuf Thalia Archibald
2024-03-28 8:21 ` Patrick Steinhardt
2024-03-22 0:03 ` [PATCH 5/6] fast-import: document C-style escapes for paths Thalia Archibald
2024-03-28 8:21 ` Patrick Steinhardt
2024-04-01 9:06 ` Thalia Archibald
2024-03-22 0:03 ` [PATCH 6/6] fast-import: forbid escaped NUL in paths Thalia Archibald
2024-04-01 9:02 ` [PATCH v2 0/8] fast-import: tighten parsing of paths Thalia Archibald
2024-04-01 9:02 ` [PATCH v2 1/8] fast-import: tighten path unquoting Thalia Archibald
2024-04-10 6:27 ` Patrick Steinhardt
2024-04-10 8:18 ` Chris Torek
2024-04-10 8:44 ` Thalia Archibald
2024-04-10 8:51 ` Chris Torek
2024-04-10 9:14 ` Thalia Archibald
2024-04-10 9:42 ` Patrick Steinhardt
2024-04-10 9:16 ` Thalia Archibald
2024-04-10 9:12 ` Thalia Archibald
2024-04-01 9:03 ` [PATCH v2 2/8] fast-import: directly use strbufs for paths Thalia Archibald
2024-04-10 6:27 ` Patrick Steinhardt
2024-04-10 10:07 ` Thalia Archibald
2024-04-10 10:18 ` Patrick Steinhardt
2024-04-01 9:03 ` [PATCH v2 3/8] fast-import: allow unquoted empty path for root Thalia Archibald
2024-04-10 6:27 ` Patrick Steinhardt
2024-04-01 9:03 ` [PATCH v2 4/8] fast-import: remove dead strbuf Thalia Archibald
2024-04-01 9:03 ` [PATCH v2 5/8] fast-import: improve documentation for unquoted paths Thalia Archibald
2024-04-01 9:03 ` [PATCH v2 6/8] fast-import: document C-style escapes for paths Thalia Archibald
2024-04-01 9:03 ` Thalia Archibald [this message]
2024-04-01 9:03 ` [PATCH v2 8/8] fast-import: make comments more precise Thalia Archibald
2024-04-07 21:19 ` [PATCH v2 0/8] fast-import: tighten parsing of paths Thalia Archibald
2024-04-07 23:46 ` Eric Sunshine
2024-04-08 6:25 ` Patrick Steinhardt
2024-04-08 7:15 ` Thalia Archibald
2024-04-08 9:07 ` Patrick Steinhardt
2024-04-08 14:52 ` Junio C Hamano
2024-04-10 9:54 ` [PATCH v3 " Thalia Archibald
2024-04-10 9:55 ` [PATCH v3 1/8] fast-import: tighten path unquoting Thalia Archibald
2024-04-10 9:55 ` [PATCH v3 2/8] fast-import: directly use strbufs for paths Thalia Archibald
2024-04-10 9:55 ` [PATCH v3 3/8] fast-import: allow unquoted empty path for root Thalia Archibald
2024-04-11 19:59 ` Junio C Hamano
2024-04-10 9:55 ` [PATCH v3 4/8] fast-import: remove dead strbuf Thalia Archibald
2024-04-11 19:53 ` Junio C Hamano
2024-04-10 9:55 ` [PATCH v3 5/8] fast-import: improve documentation for unquoted paths Thalia Archibald
2024-04-11 19:51 ` Junio C Hamano
2024-04-10 9:56 ` [PATCH v3 6/8] fast-import: document C-style escapes for paths Thalia Archibald
2024-04-10 18:28 ` Junio C Hamano
2024-04-10 22:50 ` Thalia Archibald
2024-04-11 5:32 ` Junio C Hamano
2024-04-11 9:14 ` Patrick Steinhardt
2024-04-10 9:56 ` [PATCH v3 7/8] fast-import: forbid escaped NUL in paths Thalia Archibald
2024-04-10 18:51 ` Junio C Hamano
2024-04-10 9:56 ` [PATCH v3 8/8] fast-import: make comments more precise Thalia Archibald
2024-04-10 19:21 ` Junio C Hamano
2024-04-12 8:01 ` [PATCH v4 0/8] fast-import: tighten parsing of paths Thalia Archibald
2024-04-12 8:02 ` [PATCH v4 1/8] fast-import: tighten path unquoting Thalia Archibald
2024-04-12 16:34 ` Junio C Hamano
2024-04-13 0:07 ` Thalia Archibald
2024-04-13 18:33 ` Junio C Hamano
2024-04-12 8:03 ` [PATCH v4 2/8] fast-import: directly use strbufs for paths Thalia Archibald
2024-04-12 8:03 ` [PATCH v4 3/8] fast-import: allow unquoted empty path for root Thalia Archibald
2024-04-12 8:03 ` [PATCH v4 4/8] fast-import: remove dead strbuf Thalia Archibald
2024-04-12 8:03 ` [PATCH v4 5/8] fast-import: improve documentation for path quoting Thalia Archibald
2024-04-12 8:03 ` [PATCH v4 6/8] fast-import: document C-style escapes for paths Thalia Archibald
2024-04-12 8:03 ` [PATCH v4 7/8] fast-import: forbid escaped NUL in paths Thalia Archibald
2024-04-12 8:03 ` [PATCH v4 8/8] fast-import: make comments more precise Thalia Archibald
2024-04-14 1:11 ` [PATCH v5 0/8] fast-import: tighten parsing of paths Thalia Archibald
2024-04-14 1:11 ` [PATCH v5 1/8] fast-import: tighten path unquoting Thalia Archibald
2024-04-14 1:11 ` [PATCH v5 2/8] fast-import: directly use strbufs for paths Thalia Archibald
2024-04-14 1:11 ` [PATCH v5 3/8] fast-import: allow unquoted empty path for root Thalia Archibald
2024-04-14 1:11 ` [PATCH v5 4/8] fast-import: remove dead strbuf Thalia Archibald
2024-04-14 1:12 ` [PATCH v5 5/8] fast-import: improve documentation for path quoting Thalia Archibald
2024-04-14 1:12 ` [PATCH v5 6/8] fast-import: document C-style escapes for paths Thalia Archibald
2024-04-14 1:12 ` [PATCH v5 7/8] fast-import: forbid escaped NUL in paths Thalia Archibald
2024-04-14 1:12 ` [PATCH v5 8/8] fast-import: make comments more precise Thalia Archibald
2024-04-15 7:06 ` [PATCH v5 0/8] fast-import: tighten parsing of paths Patrick Steinhardt
2024-04-15 17:07 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c087c6a8604ddcbda5f09bb41fb9d7e746ed9c55.1711960552.git.thalia@archibald.dev \
--to=thalia@archibald.dev \
--cc=git@vger.kernel.org \
--cc=newren@gmail.com \
--cc=ps@pks.im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.