diff options
| author | Robin Rosenberg <robin.rosenberg@dewire.com> | 2012-04-23 22:37:50 +0200 |
|---|---|---|
| committer | Matthias Sohn <matthias.sohn@sap.com> | 2012-04-23 22:37:50 +0200 |
| commit | 42d7565ba9b97effdee3f737e32541b26b7341ab (patch) | |
| tree | 397809a3509520df69cb068791585cf1a77637d9 /org.eclipse.jgit.test/pom.xml | |
| parent | 9c5b31703f278c510bec64fa7a822713feaca6f2 (diff) | |
| download | jgit-42d7565ba9b97effdee3f737e32541b26b7341ab.tar.gz jgit-42d7565ba9b97effdee3f737e32541b26b7341ab.zip | |
Validate paths during DirCheckout
DirCacheCheckout and CanonicalTreeParser cooperate. CanonicalTreeParser
can detect malformed, potentially malicious tree entries and sets a
flag, while DirCacheCheckout refuses to work with such paths.
Malicious tree entries are ".", "..", ".git" (case insensitive), any
name containing '/' and (on Windows '\') and also (on Windows)
any paths ending in a combination of '.' or space or containing a ':'.
We also forbid all special names like "con" etc on Windows.
Some of the test can execute on any platform by enabling partial
platform emulation.
A new runtime exception, InvalidPathException, is introduced. For
backwards compatibility it extends InvalidArgumentException.
Change-Id: I86199105814b63d4340e5de0e471d0da6b579ead
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Diffstat (limited to 'org.eclipse.jgit.test/pom.xml')
| -rw-r--r-- | org.eclipse.jgit.test/pom.xml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/org.eclipse.jgit.test/pom.xml b/org.eclipse.jgit.test/pom.xml index 6d5f38acb7..969e205b0b 100644 --- a/org.eclipse.jgit.test/pom.xml +++ b/org.eclipse.jgit.test/pom.xml @@ -70,6 +70,13 @@ </dependency> <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-library</artifactId> + <scope>test</scope> + <version>[1.1.0,2.0.0)</version> + </dependency> + + <dependency> <groupId>org.eclipse.jgit</groupId> <artifactId>org.eclipse.jgit</artifactId> <version>${project.version}</version> |