Andrew's git / gitweb.git / diff
?
connect: factor out "looks like command line option" check
authorJeff King <peff@peff.net>
Fri, 28 Jul 2017 19:25:45 +0000 (15:25 -0400)
committerJunio C Hamano <gitster@pobox.com>
Fri, 28 Jul 2017 22:51:56 +0000 (15:51 -0700)
We reject hostnames that start with a dash because they may
be confused for command-line options. Let's factor out that
notion into a helper function, as we'll use it in more
places. And while it's simple now, it's not clear if some
systems might need more complex logic to handle all cases.

Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
cache.h patch | blob | history
connect.c patch | blob | history
path.c patch | blob | history
diff --git a/cache.h b/cache.h
index 1a2cec0b888228d4ac58aa23e68f531db45b515e..b9fc3a8e33f657db8869ca512da177f6fc6859c9 100644 (file)
--- a/cache.h
+++ b/cache.h
@@ -991,6 +991,14 @@ char *strip_path_suffix(const char *path, const char *suffix);
 int daemon_avoid_alias(const char *path);
 extern int is_ntfs_dotgit(const char *name);
 
+/*
+ * Returns true iff "str" could be confused as a command-line option when
+ * passed to a sub-program like "ssh". Note that this has nothing to do with
+ * shell-quoting, which should be handled separately; we're assuming here that
+ * the string makes it verbatim to the sub-program.
+ */
+int looks_like_command_line_option(const char *str);
+
 /**
  * Return a newly allocated string with the evaluation of
  * "$XDG_CONFIG_HOME/git/$filename" if $XDG_CONFIG_HOME is non-empty, otherwise
diff --git a/connect.c b/connect.c
index 0e8e05d83af705a72495a06f544394f67547da2d..a0091acb1f06a8af6fc34fc6d5c474cb633d3827 100644 (file)
--- a/connect.c
+++ b/connect.c
@@ -754,7 +754,7 @@ struct child_process *git_connect(int fd[2], const char *url,
                                return NULL;
                        }
 
-                       if (ssh_host[0] == '-')
+                       if (looks_like_command_line_option(ssh_host))
                                die("strange hostname '%s' blocked", ssh_host);
 
                        ssh = getenv("GIT_SSH_COMMAND");
diff --git a/path.c b/path.c
index 8b7e16812927645367c4912e88d2a5f3065efb85..b214ac3fe63d4aa7cd134f4e819f48c54936977a 100644 (file)
--- a/path.c
+++ b/path.c
@@ -1178,6 +1178,11 @@ int is_ntfs_dotgit(const char *name)
                }
 }
 
+int looks_like_command_line_option(const char *str)
+{
+       return str && str[0] == '-';
+}
+
 char *xdg_config_home(const char *filename)
 {
        const char *home, *config_home;