From 09f513cb37bcc0f2fba803acacfed66e527c68ba Mon Sep 17 00:00:00 2001
From: Shawn Pearce <spearce@spearce.org>
Date: Tue, 11 Mar 2014 20:12:07 -0700
Subject: [PATCH] Reject '.git' as a tree name in ObjectChecker

Using .git as a name in a tree is invalid for most Git repositories.
This can confuse clients into thinking there is a submodule or another
repository deeper in the tree, which is incorrect.

Change-Id: I90a1eaf25d45e91557f3f548b69cdcd8f7cddce1
---
 .../eclipse/jgit/lib/ObjectCheckerTest.java   | 13 ++++++++++++
 .../org/eclipse/jgit/lib/ObjectChecker.java   | 21 +++++++++++++++----
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java
index 4a4e349cfd..e3509ae31f 100644
--- a/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java
+++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java
@@ -1272,6 +1272,19 @@ public class ObjectCheckerTest {
 		}
 	}
 
+	@Test
+	public void testInvalidTreeNameIsGit() {
+		StringBuilder b = new StringBuilder();
+		entry(b, "100644 .git");
+		byte[] data = Constants.encodeASCII(b.toString());
+		try {
+			checker.checkTree(data);
+			fail("incorrectly accepted an invalid tree");
+		} catch (CorruptObjectException e) {
+			assertEquals("invalid name '.git'", e.getMessage());
+		}
+	}
+
 	@Test
 	public void testInvalidTreeTruncatedInName() {
 		final StringBuilder b = new StringBuilder();
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java b/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java
index 6e470c9b2b..6e8188248c 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java
@@ -53,6 +53,7 @@ import java.text.MessageFormat;
 import org.eclipse.jgit.errors.CorruptObjectException;
 import org.eclipse.jgit.internal.JGitText;
 import org.eclipse.jgit.util.MutableInteger;
+import org.eclipse.jgit.util.RawParseUtils;
 
 /**
  * Verifies that an object is formatted correctly.
@@ -372,14 +373,26 @@ public class ObjectChecker {
 		if (ptr == end)
 			throw new CorruptObjectException("zero length name");
 		if (raw[ptr] == '.') {
-			int nameLen = end - ptr;
-			if (nameLen == 1)
+			switch (end - ptr) {
+			case 1:
 				throw new CorruptObjectException("invalid name '.'");
-			if (nameLen == 2 && raw[ptr + 1] == '.')
-				throw new CorruptObjectException("invalid name '..'");
+			case 2:
+				if (raw[ptr + 1] == '.')
+					throw new CorruptObjectException("invalid name '..'");
+				break;
+			case 4:
+				if (isDotGit(raw, ptr + 1))
+					throw new CorruptObjectException(String.format(
+							"invalid name '%s'",
+							RawParseUtils.decode(raw, ptr, end)));
+			}
 		}
 	}
 
+	private static boolean isDotGit(byte[] buf, int p) {
+		return buf[p] == 'g' && buf[p + 1] == 'i' && buf[p + 2] == 't';
+	}
+
 	/**
 	 * Check a blob for errors.
 	 *
-- 
2.39.5