Commit 289aaa414b4d31a0a2412c0395ff7053cef1ccff
2021-04-04T20:46:40
ignore: validate workdir paths for ignore files
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
diff --git a/src/ignore.c b/src/ignore.c
index 085b0e9..700a672 100644
--- a/src/ignore.c
+++ b/src/ignore.c
@@ -309,12 +309,17 @@ int git_ignore__for_path(
if ((error = git_path_dirname_r(&local, path)) < 0 ||
(error = git_path_resolve_relative(&local, 0)) < 0 ||
(error = git_path_to_dir(&local)) < 0 ||
- (error = git_buf_joinpath(&ignores->dir, workdir, local.ptr)) < 0)
- {;} /* Nothing, we just want to stop on the first error */
+ (error = git_buf_joinpath(&ignores->dir, workdir, local.ptr)) < 0 ||
+ (error = git_path_validate_workdir_buf(repo, &ignores->dir)) < 0) {
+ /* Nothing, we just want to stop on the first error */
+ }
+
git_buf_dispose(&local);
} else {
- error = git_buf_joinpath(&ignores->dir, path, "");
+ if (!(error = git_buf_joinpath(&ignores->dir, path, "")))
+ error = git_path_validate_filesystem(ignores->dir.ptr, ignores->dir.size);
}
+
if (error < 0)
goto cleanup;
@@ -590,7 +595,7 @@ int git_ignore__check_pathspec_for_exact_ignores(
git_attr_fnmatch *match;
int ignored;
git_buf path = GIT_BUF_INIT;
- const char *wd, *filename;
+ const char *filename;
git_index *idx;
if ((error = git_repository__ensure_not_bare(
@@ -598,8 +603,6 @@ int git_ignore__check_pathspec_for_exact_ignores(
(error = git_repository_index(&idx, repo)) < 0)
return error;
- wd = git_repository_workdir(repo);
-
git_vector_foreach(vspec, i, match) {
/* skip wildcard matches (if they are being used) */
if ((match->flags & GIT_ATTR_FNMATCH_HASWILD) != 0 &&
@@ -612,7 +615,7 @@ int git_ignore__check_pathspec_for_exact_ignores(
if (git_index_get_bypath(idx, filename, 0) != NULL)
continue;
- if ((error = git_buf_joinpath(&path, wd, filename)) < 0)
+ if ((error = git_repository_workdir_path(&path, repo, filename)) < 0)
break;
/* is there a file on disk that matches this exactly? */