tighten up ref/file names (warning: possible backward compat breakage)
The backward compat breakage is for people who already have all kinds of
arbitrary characters in filenames *and* use `NAME/` rules. See the doc
change in this commit for details and mitigation. See this link for
background:
http://groups.google.com/group/gitolite/browse_thread/thread/8dc5242052b16d0f
Thanks to Dan Carpenter for the audit.
This commit is contained in:
Sitaram Chamarty
parent
871ed281cc
commit
a07e0d6b5c
5 changed files with 124 additions and 1 deletions
|
|
@ -213,6 +213,10 @@ sub check_ref {
|
|||
# NOTE: the function DIES when access is denied, unless arg 5 is true
|
||||
|
||||
my ($allowed_refs, $repo, $ref, $perm, $dry_run) = @_;
|
||||
|
||||
# sanity check the ref
|
||||
die "invalid characters in ref or filename: $ref\n" unless $ref =~ $GL_REF_OR_FILENAME_PATT;
|
||||
|
||||
my @allowed_refs = sort { $a->[0] <=> $b->[0] } @{$allowed_refs};
|
||||
for my $ar (@allowed_refs) {
|
||||
my $refex = $ar->[1];
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue