static int inside_git_dir = -1;
static int inside_work_tree = -1;
-const char *prefix_path(const char *prefix, int len, const char *path)
+static int sanitary_path_copy(char *dst, const char *src)
{
- const char *orig = path;
+ char *dst0 = dst;
+
+ if (*src == '/') {
+ *dst++ = '/';
+ while (*src == '/')
+ src++;
+ }
+
for (;;) {
- char c;
- if (*path != '.')
- break;
- c = path[1];
- /* "." */
- if (!c) {
- path++;
- break;
+ char c = *src;
+
+ /*
+ * A path component that begins with . could be
+ * special:
+ * (1) "." and ends -- ignore and terminate.
+ * (2) "./" -- ignore them, eat slash and continue.
+ * (3) ".." and ends -- strip one and terminate.
+ * (4) "../" -- strip one, eat slash and continue.
+ */
+ if (c == '.') {
+ switch (src[1]) {
+ case '\0':
+ /* (1) */
+ src++;
+ break;
+ case '/':
+ /* (2) */
+ src += 2;
+ while (*src == '/')
+ src++;
+ continue;
+ case '.':
+ switch (src[2]) {
+ case '\0':
+ /* (3) */
+ src += 2;
+ goto up_one;
+ case '/':
+ /* (4) */
+ src += 3;
+ while (*src == '/')
+ src++;
+ goto up_one;
+ }
+ }
}
- /* "./" */
+
+ /* copy up to the next '/', and eat all '/' */
+ while ((c = *src++) != '\0' && c != '/')
+ *dst++ = c;
if (c == '/') {
- path += 2;
- continue;
- }
- if (c != '.')
+ *dst++ = c;
+ while (c == '/')
+ c = *src++;
+ src--;
+ } else if (!c)
break;
- c = path[2];
- if (!c)
- path += 2;
- else if (c == '/')
- path += 3;
- else
- break;
- /* ".." and "../" */
- /* Remove last component of the prefix */
- do {
- if (!len)
- die("'%s' is outside repository", orig);
- len--;
- } while (len && prefix[len-1] != '/');
continue;
+
+ up_one:
+ /*
+ * dst0..dst is prefix portion, and dst[-1] is '/';
+ * go up one level.
+ */
+ dst -= 2; /* go past trailing '/' if any */
+ if (dst < dst0)
+ return -1;
+ while (1) {
+ if (dst <= dst0)
+ break;
+ c = *dst--;
+ if (c == '/') {
+ dst += 2;
+ break;
+ }
+ }
}
- if (len) {
- int speclen = strlen(path);
- char *n = xmalloc(speclen + len + 1);
+ *dst = '\0';
+ return 0;
+}
- memcpy(n, prefix, len);
- memcpy(n + len, path, speclen+1);
- path = n;
+const char *prefix_path(const char *prefix, int len, const char *path)
+{
+ const char *orig = path;
+ char *sanitized = xmalloc(len + strlen(path) + 1);
+ if (*orig == '/')
+ strcpy(sanitized, path);
+ else {
+ if (len)
+ memcpy(sanitized, prefix, len);
+ strcpy(sanitized + len, path);
}
- return path;
+ if (sanitary_path_copy(sanitized, sanitized))
+ goto error_out;
+ if (*orig == '/') {
+ const char *work_tree = get_git_work_tree();
+ size_t len = strlen(work_tree);
+ size_t total = strlen(sanitized) + 1;
+ if (strncmp(sanitized, work_tree, len) ||
+ (sanitized[len] != '\0' && sanitized[len] != '/')) {
+ error_out:
+ error("'%s' is outside repository", orig);
+ free(sanitized);
+ return NULL;
+ }
+ if (sanitized[len] == '/')
+ len++;
+ memmove(sanitized, sanitized + len, total - len);
+ }
+ return sanitized;
}
/*
const char **get_pathspec(const char *prefix, const char **pathspec)
{
const char *entry = *pathspec;
- const char **p;
+ const char **src, **dst;
int prefixlen;
if (!prefix && !entry)
}
/* Otherwise we have to re-write the entries.. */
- p = pathspec;
+ src = pathspec;
+ dst = pathspec;
prefixlen = prefix ? strlen(prefix) : 0;
- do {
- *p = prefix_path(prefix, prefixlen, entry);
- } while ((entry = *++p) != NULL);
- return (const char **) pathspec;
+ while (*src) {
+ const char *p = prefix_path(prefix, prefixlen, *src);
+ if (p)
+ *(dst++) = p;
+ src++;
+ }
+ *dst = NULL;
+ if (!*pathspec)
+ return NULL;
+ return pathspec;
}
/*
--- /dev/null
+#!/bin/sh
+
+test_description='setup taking and sanitizing funny paths'
+
+. ./test-lib.sh
+
+test_expect_success setup '
+
+ mkdir -p a/b/c a/e &&
+ D=$(pwd) &&
+ >a/b/c/d &&
+ >a/e/f
+
+'
+
+test_expect_success 'git add (absolute)' '
+
+ git add "$D/a/b/c/d" &&
+ git ls-files >current &&
+ echo a/b/c/d >expect &&
+ diff -u expect current
+
+'
+
+
+test_expect_success 'git add (funny relative)' '
+
+ rm -f .git/index &&
+ (
+ cd a/b &&
+ git add "../e/./f"
+ ) &&
+ git ls-files >current &&
+ echo a/e/f >expect &&
+ diff -u expect current
+
+'
+
+test_expect_success 'git rm (absolute)' '
+
+ rm -f .git/index &&
+ git add a &&
+ git rm -f --cached "$D/a/b/c/d" &&
+ git ls-files >current &&
+ echo a/e/f >expect &&
+ diff -u expect current
+
+'
+
+test_expect_success 'git rm (funny relative)' '
+
+ rm -f .git/index &&
+ git add a &&
+ (
+ cd a/b &&
+ git rm -f --cached "../e/./f"
+ ) &&
+ git ls-files >current &&
+ echo a/b/c/d >expect &&
+ diff -u expect current
+
+'
+
+test_expect_success 'git ls-files (absolute)' '
+
+ rm -f .git/index &&
+ git add a &&
+ git ls-files "$D/a/e/../b" >current &&
+ echo a/b/c/d >expect &&
+ diff -u expect current
+
+'
+
+test_expect_success 'git ls-files (relative #1)' '
+
+ rm -f .git/index &&
+ git add a &&
+ (
+ cd a/b &&
+ git ls-files "../b/c"
+ ) >current &&
+ echo c/d >expect &&
+ diff -u expect current
+
+'
+
+test_expect_success 'git ls-files (relative #2)' '
+
+ rm -f .git/index &&
+ git add a &&
+ (
+ cd a/b &&
+ git ls-files --full-name "../e/f"
+ ) >current &&
+ echo a/e/f >expect &&
+ diff -u expect current
+
+'
+
+test_expect_success 'git ls-files (relative #3)' '
+
+ rm -f .git/index &&
+ git add a &&
+ (
+ cd a/b &&
+ if git ls-files "../e/f"
+ then
+ echo Gaah, should have failed
+ exit 1
+ else
+ : happy
+ fi
+ )
+
+'
+
+test_done