X-Git-Url: https://git.octo.it/?a=blobdiff_plain;f=sha1_name.c;h=fe409fbce4978535bdf38773fd4e2924a68733b9;hb=6b17c674aa517c4b22cd88809fcf1532b8204fbf;hp=75c688ecf2d9381d665f4b2f388df4ceaa0fdab5;hpb=29504118f8528f658fd0bfc02d8d78d4c01dc2cc;p=git.git

diff --git a/sha1_name.c b/sha1_name.c
index 75c688ec..fe409fbc 100644
--- a/sha1_name.c
+++ b/sha1_name.c
@@ -203,6 +203,29 @@ const char *find_unique_abbrev(const unsigned char *sha1, int len)
 	return NULL;
 }
 
+static int ambiguous_path(const char *path)
+{
+	int slash = 1;
+
+	for (;;) {
+		switch (*path++) {
+		case '\0':
+			break;
+		case '/':
+			if (slash)
+				break;
+			slash = 1;
+			continue;
+		case '.':
+			continue;
+		default:
+			slash = 0;
+			continue;
+		}
+		return slash;
+	}
+}
+
 static int get_sha1_basic(const char *str, int len, unsigned char *sha1)
 {
 	static const char *prefix[] = {
@@ -217,6 +240,10 @@ static int get_sha1_basic(const char *str, int len, unsigned char *sha1)
 	if (len == 40 && !get_sha1_hex(str, sha1))
 		return 0;
 
+	/* Accept only unambiguous ref paths. */
+	if (ambiguous_path(str))
+		return -1;
+
 	for (p = prefix; *p; p++) {
 		char *pathname = git_path("%s/%.*s", *p, len, str);
 		if (!read_ref(pathname, sha1))
@@ -323,6 +350,8 @@ static int peel_onion(const char *name, int len, unsigned char *sha1)
 		return -1;
 	if (!type_string) {
 		o = deref_tag(o);
+		if (!o || (!o->parsed && !parse_object(o->sha1)))
+			return -1;
 		memcpy(sha1, o->sha1, 20);
 	}
 	else {
@@ -332,7 +361,7 @@ static int peel_onion(const char *name, int len, unsigned char *sha1)
 		 */
 
 		while (1) {
-			if (!o)
+			if (!o || (!o->parsed && !parse_object(o->sha1)))
 				return -1;
 			if (o->type == type_string) {
 				memcpy(sha1, o->sha1, 20);