diff options
| author | Shawn Pearce <spearce@spearce.org> | 2014-03-11 20:12:07 -0700 |
|---|---|---|
| committer | Shawn Pearce <spearce@spearce.org> | 2014-03-12 15:43:38 -0700 |
| commit | 09f513cb37bcc0f2fba803acacfed66e527c68ba (patch) | |
| tree | 7cd1d80a710b43ba969cf0a77c3ede4da35a9d5a | |
| parent | 77cd1c8cdccffa9b9cef0ec620fbfc91691bab24 (diff) | |
| download | jgit-09f513cb37bcc0f2fba803acacfed66e527c68ba.tar.gz jgit-09f513cb37bcc0f2fba803acacfed66e527c68ba.zip | |
Reject '.git' as a tree name in ObjectChecker
Using .git as a name in a tree is invalid for most Git repositories.
This can confuse clients into thinking there is a submodule or another
repository deeper in the tree, which is incorrect.
Change-Id: I90a1eaf25d45e91557f3f548b69cdcd8f7cddce1
| -rw-r--r-- | org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java | 13 | ||||
| -rw-r--r-- | org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java | 21 |
2 files changed, 30 insertions, 4 deletions
diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java index 4a4e349cfd..e3509ae31f 100644 --- a/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java +++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/lib/ObjectCheckerTest.java @@ -1273,6 +1273,19 @@ public class ObjectCheckerTest { } @Test + public void testInvalidTreeNameIsGit() { + StringBuilder b = new StringBuilder(); + entry(b, "100644 .git"); + byte[] data = Constants.encodeASCII(b.toString()); + try { + checker.checkTree(data); + fail("incorrectly accepted an invalid tree"); + } catch (CorruptObjectException e) { + assertEquals("invalid name '.git'", e.getMessage()); + } + } + + @Test public void testInvalidTreeTruncatedInName() { final StringBuilder b = new StringBuilder(); b.append("100644 b"); diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java b/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java index 6e470c9b2b..6e8188248c 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/lib/ObjectChecker.java @@ -53,6 +53,7 @@ import java.text.MessageFormat; import org.eclipse.jgit.errors.CorruptObjectException; import org.eclipse.jgit.internal.JGitText; import org.eclipse.jgit.util.MutableInteger; +import org.eclipse.jgit.util.RawParseUtils; /** * Verifies that an object is formatted correctly. @@ -372,14 +373,26 @@ public class ObjectChecker { if (ptr == end) throw new CorruptObjectException("zero length name"); if (raw[ptr] == '.') { - int nameLen = end - ptr; - if (nameLen == 1) + switch (end - ptr) { + case 1: throw new CorruptObjectException("invalid name '.'"); - if (nameLen == 2 && raw[ptr + 1] == '.') - throw new CorruptObjectException("invalid name '..'"); + case 2: + if (raw[ptr + 1] == '.') + throw new CorruptObjectException("invalid name '..'"); + break; + case 4: + if (isDotGit(raw, ptr + 1)) + throw new CorruptObjectException(String.format( + "invalid name '%s'", + RawParseUtils.decode(raw, ptr, end))); + } } } + private static boolean isDotGit(byte[] buf, int p) { + return buf[p] == 'g' && buf[p + 1] == 'i' && buf[p + 2] == 't'; + } + /** * Check a blob for errors. * |