Refuse to create funny refs in clone-pack, git-fetch and receive-pack.

Using git-check-ref-format, make sure we do not create refs with
funny names when cloning from elsewhere (clone-pack), fast forwarding
local heads (git-fetch), or somebody pushes into us (receive-pack).

Signed-off-by: Junio C Hamano <junkio@cox.net>
This commit is contained in:
Junio C Hamano 2005-10-13 18:57:39 -07:00
parent 03feddd6e8
commit d8a1deecc6
3 changed files with 16 additions and 0 deletions

View File

@ -36,6 +36,12 @@ static void write_one_ref(struct ref *ref)
int fd; int fd;
char *hex; char *hex;
if (!strncmp(ref->name, "refs/", 5) &&
check_ref_format(ref->name + 5)) {
error("refusing to create funny ref '%s' locally", ref->name);
return;
}
if (safe_create_leading_directories(path)) if (safe_create_leading_directories(path))
die("unable to create leading directory for %s", ref->name); die("unable to create leading directory for %s", ref->name);
fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0666); fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0666);

View File

@ -94,6 +94,12 @@ canon_refs_list_for_fetch () {
heads/* | tags/* ) local="refs/$local" ;; heads/* | tags/* ) local="refs/$local" ;;
*) local="refs/heads/$local" ;; *) local="refs/heads/$local" ;;
esac esac
if local_ref_name=$(expr "$local" : 'refs/\(.*\)')
then
git-check-ref-format "$local_ref_name" ||
die "* refusing to create funny ref '$local_ref_name' locally"
fi
echo "${dot_prefix}${force}${remote}:${local}" echo "${dot_prefix}${force}${remote}:${local}"
dot_prefix=. dot_prefix=.
done done

View File

@ -95,6 +95,10 @@ static int update(const char *name,
char new_hex[60], *old_hex, *lock_name; char new_hex[60], *old_hex, *lock_name;
int newfd, namelen, written; int newfd, namelen, written;
if (!strncmp(name, "refs/", 5) && check_ref_format(name + 5))
return error("refusing to create funny ref '%s' locally",
name);
namelen = strlen(name); namelen = strlen(name);
lock_name = xmalloc(namelen + 10); lock_name = xmalloc(namelen + 10);
memcpy(lock_name, name, namelen); memcpy(lock_name, name, namelen);