mirror of
https://github.com/git/git.git
synced 2024-05-10 18:56:10 +02:00
daemon: sanitize all directory separators
When sanitizing client-supplied strings on Windows, also strip off backslashes, not just slashes. Signed-off-by: René Scharfe <l.s.r@web.de> Acked-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
René Scharfe
Junio C Hamano
parent
a5828ae6b5
commit
9a7f1ce8b7
8
daemon.c
8
daemon.c
|
|
@ -566,14 +566,14 @@ static void parse_host_and_port(char *hostport, char **host,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Sanitize a string from the client so that it's OK to be inserted into a
|
* Sanitize a string from the client so that it's OK to be inserted into a
|
||||||
* filesystem path. Specifically, we disallow slashes, runs of "..", and
|
* filesystem path. Specifically, we disallow directory separators, runs
|
||||||
* trailing and leading dots, which means that the client cannot escape
|
* of "..", and trailing and leading dots, which means that the client
|
||||||
* our base path via ".." traversal.
|
* cannot escape our base path via ".." traversal.
|
||||||
*/
|
*/
|
||||||
static void sanitize_client(struct strbuf *out, const char *in)
|
static void sanitize_client(struct strbuf *out, const char *in)
|
||||||
{
|
{
|
||||||
for (; *in; in++) {
|
for (; *in; in++) {
|
||||||
if (*in == '/')
|
if (is_dir_sep(*in))
|
||||||
continue;
|
continue;
|
||||||
if (*in == '.' && (!out->len || out->buf[out->len - 1] == '.'))
|
if (*in == '.' && (!out->len || out->buf[out->len - 1] == '.'))
|
||||||
continue;
|
continue;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue