From 2bbcc8239cda81a5a0a093e2b4afa6a47eecadda Mon Sep 17 00:00:00 2001 From: Sitaram Chamarty Date: Sun, 28 Nov 2010 20:01:39 +0530 Subject: [PATCH] tighten up pattern to check rsync arguments thanks to Joe Schaefer at the ASF for catching it. Note that this new pattern *may* be too restrictive -- if you're using this feature and have a problem with the new pattern please email me. See email to gitolite mailing list around this date (2010-11-28) for more details. --- src/gitolite.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gitolite.pm b/src/gitolite.pm index 188dfee..989369a 100644 --- a/src/gitolite.pm +++ b/src/gitolite.pm @@ -1083,7 +1083,7 @@ sub ext_cmd_rsync my $perm = "W"; $perm = "R" if $1; my $path = $2; - die "I dont like some of the characters in $path\n" unless $path =~ $REPOPATT_PATT; + die "I dont like some of the characters in $path\n" unless $path =~ $REPONAME_PATT; # XXX make a better pattern for this if people complain ;-) die "I dont like absolute paths in $cmd\n" if $path =~ /^\//; die "I dont like '..' paths in $cmd\n" if $path =~ /\.\./;