apply: do not read from beyond a symbolic link
We should reject a patch, whether it renames/copies dir/file to elsewhere with or without modificiation, or updates dir/file in place, if "dir/" part is actually a symbolic link to elsewhere, by making sure that the code to read the preimage does not read from a path that is beyond a symbolic link. Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Junio C Hamano
parent
3c37a2e339
commit
fdc2c3a926
@ -3145,6 +3145,8 @@ static int load_patch_target(struct strbuf *buf,
|
|||||||
return read_file_or_gitlink(ce, buf);
|
return read_file_or_gitlink(ce, buf);
|
||||||
else
|
else
|
||||||
return SUBMODULE_PATCH_WITHOUT_INDEX;
|
return SUBMODULE_PATCH_WITHOUT_INDEX;
|
||||||
|
} else if (has_symlink_leading_path(name, strlen(name))) {
|
||||||
|
return error(_("reading from '%s' beyond a symbolic link"), name);
|
||||||
} else {
|
} else {
|
||||||
if (read_old_data(st, name, buf))
|
if (read_old_data(st, name, buf))
|
||||||
return error(_("read of %s failed"), name);
|
return error(_("read of %s failed"), name);
|
||||||
|
|||||||
@ -52,4 +52,23 @@ test_expect_success 'check result' '
|
|||||||
|
|
||||||
'
|
'
|
||||||
|
|
||||||
|
test_expect_success SYMLINKS 'do not read from beyond symbolic link' '
|
||||||
|
git reset --hard &&
|
||||||
|
mkdir -p arch/x86_64/dir &&
|
||||||
|
>arch/x86_64/dir/file &&
|
||||||
|
git add arch/x86_64/dir/file &&
|
||||||
|
echo line >arch/x86_64/dir/file &&
|
||||||
|
git diff >patch &&
|
||||||
|
git reset --hard &&
|
||||||
|
|
||||||
|
mkdir arch/i386/dir &&
|
||||||
|
>arch/i386/dir/file &&
|
||||||
|
ln -s ../i386/dir arch/x86_64/dir &&
|
||||||
|
|
||||||
|
test_must_fail git apply patch &&
|
||||||
|
test_must_fail git apply --cached patch &&
|
||||||
|
test_must_fail git apply --index patch
|
||||||
|
|
||||||
|
'
|
||||||
|
|
||||||
test_done
|
test_done
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user