Merge pull request #1084 from libgit2/filename-validation

Filename validation
2025-08-13 08:27:06 +00:00 · 2012-11-18 17:19:20 -08:00 · 2012-11-18 17:19:20 -08:00 · 560cc1e1ed
commit 560cc1e1ed
parent 629c082930 1876360f81
3 changed files with 39 additions and 1 deletions
--- a/src/tree.c
+++ b/src/tree.c
@ -26,7 +26,9 @@ static bool valid_filemode(const int filemode)
 static int valid_entry_name(const char *filename)
 {
-	return *filename != '\0' && strchr(filename, '/') == NULL;
+	return *filename != '\0' && strchr(filename, '/') == NULL &&
 		strcmp(filename, "..") != 0 && strcmp(filename, ".") != 0 &&
 		strcmp(filename, ".git") != 0;
 }
 static int entry_sort_cmp(const void *a, const void *b)
@ -372,6 +374,9 @@ static int append_entry(
 {
 	git_tree_entry *entry;
 	if (!valid_entry_name(filename))
 		return tree_error("Failed to insert entry. Invalid name for a tree entry");
 	entry = alloc_entry(filename);
 	GITERR_CHECK_ALLOC(entry);
--- a/tests-clar/index/tests.c
+++ b/tests-clar/index/tests.c
@ -261,3 +261,30 @@ void test_index_tests__add_from_workdir_to_a_bare_repository_returns_EBAREPO(voi
 	git_index_free(index);
 	git_repository_free(bare_repo);
 }
 /* Test that writing an invalid filename fails */
 void test_index_tests__write_invalid_filename(void)
 {
 	git_repository *repo;
 	git_index *index;
 	git_oid expected;
 	p_mkdir("read_tree", 0700);
 	cl_git_pass(git_repository_init(&repo, "./read_tree", 0));
 	cl_git_pass(git_repository_index(&index, repo));
 	cl_assert(git_index_entrycount(index) == 0);
 	cl_git_mkfile("./read_tree/.git/hello", NULL);
 	cl_git_pass(git_index_add_from_workdir(index, ".git/hello"));
 	/* write-tree */
 	cl_git_fail(git_index_write_tree(&expected, index));
 	git_index_free(index);
 	git_repository_free(repo);
 	cl_fixture_cleanup("read_tree");
 }
--- a/tests-clar/object/tree/write.c
+++ b/tests-clar/object/tree/write.c
@ -39,6 +39,12 @@ void test_object_tree_write__from_memory(void)
 		&bid, GIT_FILEMODE_BLOB));
 	cl_git_fail(git_treebuilder_insert(NULL, builder, "/",
 		&bid, GIT_FILEMODE_BLOB));
 	cl_git_fail(git_treebuilder_insert(NULL, builder, ".git",
 		&bid, GIT_FILEMODE_BLOB));
 	cl_git_fail(git_treebuilder_insert(NULL, builder, "..",
 		&bid, GIT_FILEMODE_BLOB));
 	cl_git_fail(git_treebuilder_insert(NULL, builder, ".",
 		&bid, GIT_FILEMODE_BLOB));
 	cl_git_fail(git_treebuilder_insert(NULL, builder, "folder/new.txt",
 		&bid, GIT_FILEMODE_BLOB));