Commit 1e7799e8 by Russell Belfer

Implement config key validation rules

This is a new implementation of core git's config key checking
rules that prevents non-alphanumeric characters (and '-') for
the top-level section and key names inside of config files.

This also validates the target section name when renaming
sections.
parent 17c92bea
...@@ -11,6 +11,7 @@ ...@@ -11,6 +11,7 @@
#include "git2/config.h" #include "git2/config.h"
#include "vector.h" #include "vector.h"
#include "buf_text.h" #include "buf_text.h"
#include "config_file.h"
#if GIT_WIN32 #if GIT_WIN32
# include <windows.h> # include <windows.h>
#endif #endif
...@@ -758,42 +759,36 @@ fail_parse: ...@@ -758,42 +759,36 @@ fail_parse:
return -1; return -1;
} }
struct rename_data struct rename_data {
{
git_config *config; git_config *config;
const char *old_name; git_buf *name;
const char *new_name; size_t old_len;
int actual_error;
}; };
static int rename_config_entries_cb( static int rename_config_entries_cb(
const git_config_entry *entry, const git_config_entry *entry,
void *payload) void *payload)
{ {
int error = 0;
struct rename_data *data = (struct rename_data *)payload; struct rename_data *data = (struct rename_data *)payload;
size_t base_len = git_buf_len(data->name);
if (data->new_name != NULL) { if (base_len > 0 &&
git_buf name = GIT_BUF_INIT; !(error = git_buf_puts(data->name, entry->name + data->old_len)))
int error; {
error = git_config_set_string(
data->config, git_buf_cstr(data->name), entry->value);
if (git_buf_printf( git_buf_truncate(data->name, base_len);
&name, }
"%s.%s",
data->new_name,
entry->name + strlen(data->old_name) + 1) < 0)
return -1;
error = git_config_set_string( if (!error)
data->config, error = git_config_delete_entry(data->config, entry->name);
git_buf_cstr(&name),
entry->value);
git_buf_free(&name); data->actual_error = error; /* preserve actual error code */
if (error)
return error; return error;
}
return git_config_delete_entry(data->config, entry->name);
} }
int git_config_rename_section( int git_config_rename_section(
...@@ -802,36 +797,44 @@ int git_config_rename_section( ...@@ -802,36 +797,44 @@ int git_config_rename_section(
const char *new_section_name) const char *new_section_name)
{ {
git_config *config; git_config *config;
git_buf pattern = GIT_BUF_INIT; git_buf pattern = GIT_BUF_INIT, replace = GIT_BUF_INIT;
int error = -1; int error = 0;
struct rename_data data; struct rename_data data;
git_buf_text_puts_escape_regex(&pattern, old_section_name); git_buf_text_puts_escape_regex(&pattern, old_section_name);
git_buf_puts(&pattern, "\\..+");
if (git_buf_oom(&pattern)) if ((error = git_buf_puts(&pattern, "\\..+")) < 0)
goto cleanup; goto cleanup;
if (git_repository_config__weakptr(&config, repo) < 0) if ((error = git_repository_config__weakptr(&config, repo)) < 0)
goto cleanup; goto cleanup;
data.config = config; data.config = config;
data.old_name = old_section_name; data.name = &replace;
data.new_name = new_section_name; data.old_len = strlen(old_section_name) + 1;
data.actual_error = 0;
if ((error = git_config_foreach_match( if ((error = git_buf_join(&replace, '.', new_section_name, "")) < 0)
config, goto cleanup;
git_buf_cstr(&pattern),
rename_config_entries_cb, &data)) < 0) { if (new_section_name != NULL &&
giterr_set(GITERR_CONFIG, (error = git_config_file_normalize_section(
"Cannot rename config section '%s' to '%s'", replace.ptr, strchr(replace.ptr, '.'))) < 0)
old_section_name, {
new_section_name); giterr_set(
GITERR_CONFIG, "Invalid config section '%s'", new_section_name);
goto cleanup; goto cleanup;
} }
error = 0; error = git_config_foreach_match(
config, git_buf_cstr(&pattern), rename_config_entries_cb, &data);
if (error == GIT_EUSER)
error = data.actual_error;
cleanup: cleanup:
git_buf_free(&pattern); git_buf_free(&pattern);
git_buf_free(&replace);
return error; return error;
} }
...@@ -105,6 +105,29 @@ static void cvar_free(cvar_t *var) ...@@ -105,6 +105,29 @@ static void cvar_free(cvar_t *var)
git__free(var); git__free(var);
} }
int git_config_file_normalize_section(char *start, char *end)
{
char *scan;
if (start == end)
return GIT_EINVALIDSPEC;
/* Validate and downcase range */
for (scan = start; *scan; ++scan) {
if (end && scan >= end)
break;
if (isalnum(*scan))
*scan = tolower(*scan);
else if (*scan != '-' || scan == start)
return GIT_EINVALIDSPEC;
}
if (scan == start)
return GIT_EINVALIDSPEC;
return 0;
}
/* Take something the user gave us and make it nice for our hash function */ /* Take something the user gave us and make it nice for our hash function */
static int normalize_name(const char *in, char **out) static int normalize_name(const char *in, char **out)
{ {
...@@ -118,19 +141,26 @@ static int normalize_name(const char *in, char **out) ...@@ -118,19 +141,26 @@ static int normalize_name(const char *in, char **out)
fdot = strchr(name, '.'); fdot = strchr(name, '.');
ldot = strrchr(name, '.'); ldot = strrchr(name, '.');
if (fdot == NULL || ldot == NULL) { if (fdot == NULL || fdot == name || ldot == NULL || !ldot[1])
git__free(name); goto invalid;
giterr_set(GITERR_CONFIG,
"Invalid variable name: '%s'", in); /* Validate and downcase up to first dot and after last dot */
return -1; if (git_config_file_normalize_section(name, fdot) < 0 ||
} git_config_file_normalize_section(ldot + 1, NULL) < 0)
goto invalid;
/* Downcase up to the first dot and after the last one */ /* If there is a middle range, make sure it doesn't have newlines */
git__strntolower(name, fdot - name); while (fdot < ldot)
git__strtolower(ldot); if (*fdot++ == '\n')
goto invalid;
*out = name; *out = name;
return 0; return 0;
invalid:
git__free(name);
giterr_set(GITERR_CONFIG, "Invalid config item name '%s'", in);
return GIT_EINVALIDSPEC;
} }
static void free_vars(git_strmap *values) static void free_vars(git_strmap *values)
...@@ -271,8 +301,8 @@ static int config_set(git_config_backend *cfg, const char *name, const char *val ...@@ -271,8 +301,8 @@ static int config_set(git_config_backend *cfg, const char *name, const char *val
khiter_t pos; khiter_t pos;
int rval, ret; int rval, ret;
if (normalize_name(name, &key) < 0) if ((rval = normalize_name(name, &key)) < 0)
return -1; return rval;
/* /*
* Try to find it in the existing values and update it if it * Try to find it in the existing values and update it if it
...@@ -352,9 +382,10 @@ static int config_get(const git_config_backend *cfg, const char *name, const git ...@@ -352,9 +382,10 @@ static int config_get(const git_config_backend *cfg, const char *name, const git
diskfile_backend *b = (diskfile_backend *)cfg; diskfile_backend *b = (diskfile_backend *)cfg;
char *key; char *key;
khiter_t pos; khiter_t pos;
int error;
if (normalize_name(name, &key) < 0) if ((error = normalize_name(name, &key)) < 0)
return -1; return error;
pos = git_strmap_lookup_index(b->values, key); pos = git_strmap_lookup_index(b->values, key);
git__free(key); git__free(key);
...@@ -379,9 +410,10 @@ static int config_get_multivar( ...@@ -379,9 +410,10 @@ static int config_get_multivar(
diskfile_backend *b = (diskfile_backend *)cfg; diskfile_backend *b = (diskfile_backend *)cfg;
char *key; char *key;
khiter_t pos; khiter_t pos;
int error;
if (normalize_name(name, &key) < 0) if ((error = normalize_name(name, &key)) < 0)
return -1; return error;
pos = git_strmap_lookup_index(b->values, key); pos = git_strmap_lookup_index(b->values, key);
git__free(key); git__free(key);
...@@ -444,8 +476,8 @@ static int config_set_multivar( ...@@ -444,8 +476,8 @@ static int config_set_multivar(
assert(regexp); assert(regexp);
if (normalize_name(name, &key) < 0) if ((result = normalize_name(name, &key)) < 0)
return -1; return result;
pos = git_strmap_lookup_index(b->values, key); pos = git_strmap_lookup_index(b->values, key);
if (!git_strmap_valid_index(b->values, pos)) { if (!git_strmap_valid_index(b->values, pos)) {
...@@ -515,8 +547,8 @@ static int config_delete(git_config_backend *cfg, const char *name) ...@@ -515,8 +547,8 @@ static int config_delete(git_config_backend *cfg, const char *name)
int result; int result;
khiter_t pos; khiter_t pos;
if (normalize_name(name, &key) < 0) if ((result = normalize_name(name, &key)) < 0)
return -1; return result;
pos = git_strmap_lookup_index(b->values, key); pos = git_strmap_lookup_index(b->values, key);
git__free(key); git__free(key);
......
...@@ -54,5 +54,7 @@ GIT_INLINE(int) git_config_file_foreach_match( ...@@ -54,5 +54,7 @@ GIT_INLINE(int) git_config_file_foreach_match(
return cfg->foreach(cfg, regexp, fn, data); return cfg->foreach(cfg, regexp, fn, data);
} }
extern int git_config_file_normalize_section(char *start, char *end);
#endif #endif
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment