Revision 1d1d69bc52dcc7def5b2edbd165cc0a4e3911c8e authored by Johannes Schindelin on 16 December 2014, 22:31:03 UTC, committed by Junio C Hamano on 17 December 2014, 19:04:45 UTC
We do not allow paths with a ".git" component to be added to
the index, as that would mean repository contents could
overwrite our repository files. However, asking "is this
path the same as .git" is not as simple as strcmp() on some
filesystems.
On NTFS (and FAT32), there exist so-called "short names" for
backwards-compatibility: 8.3 compliant names that refer to the same files
as their long names. As ".git" is not an 8.3 compliant name, a short name
is generated automatically, typically "git~1".
Depending on the Windows version, any combination of trailing spaces and
periods are ignored, too, so that both "git~1." and ".git." still refer
to the Git directory. The reason is that 8.3 stores file names shorter
than 8 characters with trailing spaces. So literally, it does not matter
for the short name whether it is padded with spaces or whether it is
shorter than 8 characters, it is considered to be the exact same.
The period is the separator between file name and file extension, and
again, an empty extension consists just of spaces in 8.3 format. So
technically, we would need only take care of the equivalent of this
regex:
(\.git {0,4}|git~1 {0,3})\. {0,3}
However, there are indications that at least some Windows versions might
be more lenient and accept arbitrary combinations of trailing spaces and
periods and strip them out. So we're playing it real safe here. Besides,
there can be little doubt about the intention behind using file names
matching even the more lenient pattern specified above, therefore we
should be fine with disallowing such patterns.
Extra care is taken to catch names such as '.\\.git\\booh' because the
backslash is marked as a directory separator only on Windows, and we want
to use this new helper function also in fsck on other platforms.
A big thank you goes to Ed Thomson and an unnamed Microsoft engineer for
the detailed analysis performed to come up with the corresponding fixes
for libgit2.
This commit adds a function to detect whether a given file name can refer
to the Git directory by mistake.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
1 parent a18fcc9
version.c
#include "git-compat-util.h"
#include "version.h"
#include "strbuf.h"
const char git_version_string[] = GIT_VERSION;
const char *git_user_agent(void)
{
static const char *agent = NULL;
if (!agent) {
agent = getenv("GIT_USER_AGENT");
if (!agent)
agent = GIT_USER_AGENT;
}
return agent;
}
const char *git_user_agent_sanitized(void)
{
static const char *agent = NULL;
if (!agent) {
struct strbuf buf = STRBUF_INIT;
int i;
strbuf_addstr(&buf, git_user_agent());
strbuf_trim(&buf);
for (i = 0; i < buf.len; i++) {
if (buf.buf[i] <= 32 || buf.buf[i] >= 127)
buf.buf[i] = '.';
}
agent = buf.buf;
}
return agent;
}
Computing file changes ...
