X-Git-Url: https://git.octo.it/?a=blobdiff_plain;f=read-cache.c;h=e8fa6d081285b3e8bdd3ee1912db113d2bc874cc;hb=8dcf39c46e2931ca02b18b1ea3a6b21f446d8de8;hp=f97f92d90a6d6f8359dcb4c25988fe623fd4dd65;hpb=12d81ce59846e17676c5534257ca2f1783829d63;p=git.git

diff --git a/read-cache.c b/read-cache.c
index f97f92d9..e8fa6d08 100644
--- a/read-cache.c
+++ b/read-cache.c
@@ -332,6 +332,70 @@ int ce_path_match(const struct cache_entry *ce, const char **pathspec)
 }
 
 /*
+ * We fundamentally don't like some paths: we don't want
+ * dot or dot-dot anywhere, and for obvious reasons don't
+ * want to recurse into ".git" either.
+ *
+ * Also, we don't want double slashes or slashes at the
+ * end that can make pathnames ambiguous.
+ */
+static int verify_dotfile(const char *rest)
+{
+	/*
+	 * The first character was '.', but that
+	 * has already been discarded, we now test
+	 * the rest.
+	 */
+	switch (*rest) {
+	/* "." is not allowed */
+	case '\0': case '/':
+		return 0;
+
+	/*
+	 * ".git" followed by  NUL or slash is bad. This
+	 * shares the path end test with the ".." case.
+	 */
+	case 'g':
+		if (rest[1] != 'i')
+			break;
+		if (rest[2] != 't')
+			break;
+		rest += 2;
+	/* fallthrough */
+	case '.':
+		if (rest[1] == '\0' || rest[1] == '/')
+			return 0;
+	}
+	return 1;
+}
+
+int verify_path(const char *path)
+{
+	char c;
+
+	goto inside;
+	for (;;) {
+		if (!c)
+			return 1;
+		if (c == '/') {
+inside:
+			c = *path++;
+			switch (c) {
+			default:
+				continue;
+			case '/': case '\0':
+				break;
+			case '.':
+				if (verify_dotfile(path))
+					continue;
+			}
+			return 0;
+		}
+		c = *path++;
+	}
+}
+
+/*
  * Do we have another file that has the beginning components being a
  * proper superset of the name we're trying to add?
  */
@@ -472,6 +536,8 @@ int add_cache_entry(struct cache_entry *ce, int option)
 
 	if (!ok_to_add)
 		return -1;
+	if (!verify_path(ce->name))
+		return -1;
 
 	if (!skip_df_check &&
 	    check_file_directory_conflict(ce, pos, ok_to_replace)) {
@@ -552,7 +618,7 @@ int read_cache(void)
 
 	active_nr = ntohl(hdr->hdr_entries);
 	active_alloc = alloc_nr(active_nr);
-	active_cache = calloc(active_alloc, sizeof(struct cache_entry *));
+	active_cache = xcalloc(active_alloc, sizeof(struct cache_entry *));
 
 	offset = sizeof(*hdr);
 	for (i = 0; i < active_nr; i++) {