Andrew's git / gitweb.git / diff
?
Merge branch 'jk/sq-dequote-on-bogus-input' into next
authorJunio C Hamano <gitster@pobox.com>
Wed, 14 Feb 2018 21:34:36 +0000 (13:34 -0800)
committerJunio C Hamano <gitster@pobox.com>
Wed, 14 Feb 2018 21:34:36 +0000 (13:34 -0800)
Code to unquote single-quoted string (used in the parser for
configuration files, etc.) did not diagnose bogus input correctly
and produced bogus results instead.

* jk/sq-dequote-on-bogus-input:
sq_dequote: fix extra consumption of source string

quote.c patch | blob | history
t/t1300-repo-config.sh patch | blob | history
diff --git a/quote.c b/quote.c
index 37d26868656fe8c8c65de41580ab5ae9e89981fc..c95dd2cafbaa85c9c443a229134842bf06ce3200 100644 (file)
--- a/quote.c
+++ b/quote.c
@@ -118,9 +118,15 @@ static char *sq_dequote_step(char *arg, char **next)
                                *next = NULL;
                        return arg;
                case '\\':
-                       c = *++src;
-                       if (need_bs_quote(c) && *++src == '\'') {
-                               *dst++ = c;
+                       /*
+                        * Allow backslashed characters outside of
+                        * single-quotes only if they need escaping,
+                        * and only if we resume the single-quoted part
+                        * afterward.
+                        */
+                       if (need_bs_quote(src[1]) && src[2] == '\'') {
+                               *dst++ = src[1];
+                               src += 2;
                                continue;
                        }
                /* Fallthrough */
diff --git a/t/t1300-repo-config.sh b/t/t1300-repo-config.sh
index cbeb9bebeea67c3654c279b2c12fed4825840d8f..4f8e6f5fde3295cc91d2feb1fd85fa007e56016c 100755 (executable)
--- a/t/t1300-repo-config.sh
+++ b/t/t1300-repo-config.sh
@@ -1206,6 +1206,29 @@ test_expect_success 'git -c is not confused by empty environment' '
        GIT_CONFIG_PARAMETERS="" git -c x.one=1 config --list
 '
 
+sq="'"
+test_expect_success 'detect bogus GIT_CONFIG_PARAMETERS' '
+       cat >expect <<-\EOF &&
+       env.one one
+       env.two two
+       EOF
+       GIT_CONFIG_PARAMETERS="${sq}env.one=one${sq} ${sq}env.two=two${sq}" \
+               git config --get-regexp "env.*" >actual &&
+       test_cmp expect actual &&
+
+       cat >expect <<-EOF &&
+       env.one one${sq}
+       env.two two
+       EOF
+       GIT_CONFIG_PARAMETERS="${sq}env.one=one${sq}\\$sq$sq$sq ${sq}env.two=two${sq}" \
+               git config --get-regexp "env.*" >actual &&
+       test_cmp expect actual &&
+
+       test_must_fail env \
+               GIT_CONFIG_PARAMETERS="${sq}env.one=one${sq}\\$sq ${sq}env.two=two${sq}" \
+               git config --get-regexp "env.*"
+'
+
 test_expect_success 'git config --edit works' '
        git config -f tmp test.value no &&
        echo test.value=yes >expect &&