Commit 1ee9b1fb by Edward Thomson

url: only allow @s in usernames for ssh urls

Enforce the RFC for other protocols; Google's questionable choices about
malformed SSH protocols shouldn't impact our ability to properly parse
HTTPS.
parent 373a3c9a
...@@ -104,7 +104,8 @@ static int url_parse_authority( ...@@ -104,7 +104,8 @@ static int url_parse_authority(
const char **password_start, size_t *password_len, const char **password_start, size_t *password_len,
const char **host_start, size_t *host_len, const char **host_start, size_t *host_len,
const char **port_start, size_t *port_len, const char **port_start, size_t *port_len,
const char *authority_start, size_t len) const char *authority_start, size_t len,
const char *scheme_start, size_t scheme_len)
{ {
const char *c, *hostport_end, *host_end = NULL, const char *c, *hostport_end, *host_end = NULL,
*userpass_end, *user_end = NULL; *userpass_end, *user_end = NULL;
...@@ -194,6 +195,10 @@ static int url_parse_authority( ...@@ -194,6 +195,10 @@ static int url_parse_authority(
return url_invalid("malformed hostname"); return url_invalid("malformed hostname");
case USERPASS: case USERPASS:
if (*c == '@' &&
strncasecmp(scheme_start, "ssh", scheme_len))
return url_invalid("malformed hostname");
if (*c == ':') { if (*c == ':') {
*password_start = c + 1; *password_start = c + 1;
*password_len = userpass_end - *password_start; *password_len = userpass_end - *password_start;
...@@ -307,7 +312,8 @@ int git_net_url_parse(git_net_url *url, const char *given) ...@@ -307,7 +312,8 @@ int git_net_url_parse(git_net_url *url, const char *given)
&password_start,&password_len, &password_start,&password_len,
&host_start, &host_len, &host_start, &host_len,
&port_start, &port_len, &port_start, &port_len,
authority_start, (c - authority_start))) < 0) authority_start, (c - authority_start),
scheme_start, scheme_len)) < 0)
goto done; goto done;
/* fall through */ /* fall through */
...@@ -365,7 +371,8 @@ int git_net_url_parse(git_net_url *url, const char *given) ...@@ -365,7 +371,8 @@ int git_net_url_parse(git_net_url *url, const char *given)
&password_start,&password_len, &password_start,&password_len,
&host_start, &host_len, &host_start, &host_len,
&port_start, &port_len, &port_start, &port_len,
authority_start, (c - authority_start))) < 0) authority_start, (c - authority_start),
scheme_start, scheme_len)) < 0)
goto done; goto done;
break; break;
case PATH_START: case PATH_START:
......
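Review bot: The scheme test in the new USERPASS check, `strncasecmp(scheme_start, "ssh", scheme_len)`, bounds the comparison by the scheme's own length, so a scheme that is a case-insensitive prefix of "ssh" (`s`, `ss`) compares equal and keeps the lenient '@' handling, as would an empty scheme with `scheme_len == 0` if one can reach this state. Requiring the exact length closes that: `if (*c == '@' && (scheme_len != 3 || strncasecmp(scheme_start, "ssh", 3)))`. The rejection also reuses the "malformed hostname" message although the offending character sits in the userinfo, which will mislead whoever debugs a rejected URL; a distinct message such as "malformed username" would help. url_parse_authority starts and ends outside the hunks shown, so whether `scheme_start` can be NULL on this path is not visible and should be confirmed.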
...@@ -749,6 +749,11 @@ void test_url_parse__empty_path_with_empty_authority(void) ...@@ -749,6 +749,11 @@ void test_url_parse__empty_path_with_empty_authority(void)
cl_assert_equal_i(git_net_url_is_default_port(&conndata), 1); cl_assert_equal_i(git_net_url_is_default_port(&conndata), 1);
} }
void test_url_parse__http_follows_the_rfc(void)
{
cl_git_fail(git_net_url_parse(&conndata, "https://my.email.address@gmail.com@source.developers.google.com:4433/p/my-project/r/my-repository"));
}
void test_url_parse__ssh_from_terrible_google_rfc_violating_products(void) void test_url_parse__ssh_from_terrible_google_rfc_violating_products(void)
{ {
cl_git_pass(git_net_url_parse(&conndata, "ssh://my.email.address@gmail.com@source.developers.google.com:2022/p/my-project/r/my-repository")); cl_git_pass(git_net_url_parse(&conndata, "ssh://my.email.address@gmail.com@source.developers.google.com:2022/p/my-project/r/my-repository"));
......
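Review bot: The new negative test `test_url_parse__http_follows_the_rfc` exercises only `https://`, so the edges of the scheme comparison are not pinned: a scheme that is a shorter prefix of "ssh", and an upper-case `SSH://`. The check in url_parse_authority limits its comparison to the scheme's length, so a case such as `cl_git_fail(git_net_url_parse(&conndata, "ss://user@example.com@host.example.com/p"));` (constructed sample URL) would show whether a prefix scheme wrongly receives the SSH exemption. A matching `cl_git_pass` for `SSH://` would document that the exemption is meant to be case-insensitive. The body of `test_url_parse__ssh_from_terrible_google_rfc_violating_products` continues past the end of this section.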