cvsserver: Make req_Root more critical of its input data

The path submitted with the Root request has to be absolute
(cvs does it this way and it may save us some sanity checks
later)

If multiple roots are specified (e.g. because we use
pserver authentication which will already include the
root), ensure that they say all the same.

Probably neither is a security risk, and neither should ever
be triggered by a sane client, but when validating
input data, it's better to be save than sorry.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Frank Lichtenheld 2007-06-07 16:57:00 +02:00 committed by Junio C Hamano
parent 225696af2c
commit 4890888d74
2 changed files with 45 additions and 0 deletions

View File

@ -167,6 +167,17 @@ sub req_Root
my ( $cmd, $data ) = @_;
$log->debug("req_Root : $data");
unless ($data =~ m#^/#) {
print "error 1 Root must be an absolute pathname\n";
return 0;
}
if ($state->{CVSROOT}
&& ($state->{CVSROOT} ne $data)) {
print "error 1 Conflicting roots specified\n";
return 0;
}
$state->{CVSROOT} = $data;
$ENV{GIT_DIR} = $state->{CVSROOT} . "/";

View File

@ -110,6 +110,40 @@ test_expect_success 'pserver authentication failure (login/non-anonymous user)'
tail -n1 log | grep -q "^I HATE YOU$"'
# misuse pserver authentication for testing of req_Root
cat >request-relative <<EOF
BEGIN AUTH REQUEST
gitcvs.git
anonymous
END AUTH REQUEST
EOF
cat >request-conflict <<EOF
BEGIN AUTH REQUEST
$SERVERDIR
anonymous
END AUTH REQUEST
Root $WORKDIR
EOF
test_expect_success 'req_Root failure (relative pathname)' \
'if cat request-relative | git-cvsserver pserver >log 2>&1
then
echo unexpected success
false
else
true
fi &&
tail log | grep -q "^error 1 Root must be an absolute pathname$"'
test_expect_success 'req_Root failure (conflicting roots)' \
'cat request-conflict | git-cvsserver pserver >log 2>&1 &&
tail log | grep -q "^error 1 Conflicting roots specified$"'
#--------------
# CONFIG TESTS
#--------------