Commit e96fc0283aea9afd02f64bdcb26613422e74dc3a
2021-08-08T13:22:53
tests: optional test for p_open() with empty path segments
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 2bc91e7..4615504 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -86,7 +86,7 @@ jobs:
env:
CC: gcc
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DDEBUG_STRICT_ALLOC=ON
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
os: ubuntu-latest
- # Xenial, GCC, mbedTLS
container:
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ff34119..9375038 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -51,6 +51,7 @@ OPTION(USE_STANDALONE_FUZZERS "Enable standalone fuzzers (compatible with gcc)"
OPTION(USE_LEAK_CHECKER "Run tests with leak checker" OFF)
OPTION(DEBUG_POOL "Enable debug pool allocator" OFF)
OPTION(DEBUG_STRICT_ALLOC "Enable strict allocator behavior" OFF)
+OPTION(DEBUG_STRICT_OPEN "Enable path validation in open" OFF)
OPTION(ENABLE_WERROR "Enable compilation with -Werror" OFF)
OPTION(USE_BUNDLED_ZLIB "Use the bundled version of zlib. Can be set to one of Bundled(ON)/Chromium. The Chromium option requires a x86_64 processor with SSE4.2 and CLMUL" OFF)
SET(USE_HTTP_PARSER "" CACHE STRING "Specifies the HTTP Parser implementation; either system or builtin.")
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index d340899..54099c3 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -11,6 +11,11 @@ IF(DEBUG_STRICT_ALLOC)
ENDIF()
ADD_FEATURE_INFO(debugalloc GIT_DEBUG_STRICT_ALLOC "debug strict allocators")
+IF(DEBUG_STRICT_OPEN)
+ SET(GIT_DEBUG_STRICT_OPEN 1)
+ENDIF()
+ADD_FEATURE_INFO(debugopen GIT_DEBUG_STRICT_OPEN "path validation in open")
+
INCLUDE(PkgBuildConfig)
INCLUDE(SanitizeBool)
diff --git a/src/features.h.in b/src/features.h.in
index ab523f9..21e5fdc 100644
--- a/src/features.h.in
+++ b/src/features.h.in
@@ -3,6 +3,7 @@
#cmakedefine GIT_DEBUG_POOL 1
#cmakedefine GIT_DEBUG_STRICT_ALLOC 1
+#cmakedefine GIT_DEBUG_STRICT_OPEN 1
#cmakedefine GIT_TRACE 1
#cmakedefine GIT_THREADS 1
diff --git a/src/posix.c b/src/posix.c
index bf764ae..c401348 100644
--- a/src/posix.c
+++ b/src/posix.c
@@ -109,6 +109,13 @@ int p_open(const char *path, volatile int flags, ...)
{
mode_t mode = 0;
+ #ifdef GIT_DEBUG_STRICT_OPEN
+ if (strstr(path, "//") != NULL) {
+ errno = EACCES;
+ return -1;
+ }
+ #endif
+
if (flags & O_CREAT) {
va_list arg_list;
diff --git a/src/win32/posix_w32.c b/src/win32/posix_w32.c
index 0a8f2be..7fcc472 100644
--- a/src/win32/posix_w32.c
+++ b/src/win32/posix_w32.c
@@ -543,6 +543,13 @@ int p_open(const char *path, int flags, ...)
mode_t mode = 0;
struct open_opts opts = {0};
+ #ifdef GIT_DEBUG_STRICT_OPEN
+ if (strstr(path, "//") != NULL) {
+ errno = EACCES;
+ return -1;
+ }
+ #endif
+
if (git_win32_path_from_utf8(wpath, path) < 0)
return -1;