Commit 8aedf1d5 by nulltoken

signature: prevent angle bracket usage in identity

parent 118cf57d
......@@ -23,6 +23,9 @@ GIT_BEGIN_DECL
* Create a new action signature. The signature must be freed
* manually or using git_signature_free
*
* Note: angle brackets ('<' and '>') characters are not allowed
* to be used in either the `name` or the `email` parameter.
*
* @param sig_out new signature, in case of error NULL
* @param name name of the person
* @param email email of the person
......
......@@ -40,7 +40,7 @@ static const char *skip_trailing_spaces(const char *buffer_start, const char *bu
static int signature_error(const char *msg)
{
giterr_set(GITERR_INVALID, "Failed to parse signature - %s", msg);
giterr_set(GITERR_INVALID, "Failed to process signature - %s", msg);
return -1;
}
......@@ -72,9 +72,16 @@ static int process_trimming(const char *input, char **storage, const char *input
return 0;
}
static bool contains_angle_brackets(const char *input)
{
if (strchr(input, '<') != NULL)
return true;
return strchr(input, '>') != NULL;
}
int git_signature_new(git_signature **sig_out, const char *name, const char *email, git_time_t time, int offset)
{
int error;
git_signature *p = NULL;
assert(name && email);
......@@ -84,11 +91,18 @@ int git_signature_new(git_signature **sig_out, const char *name, const char *ema
p = git__calloc(1, sizeof(git_signature));
GITERR_CHECK_ALLOC(p);
if ((error = process_trimming(name, &p->name, name + strlen(name), 1)) < 0 ||
(error = process_trimming(email, &p->email, email + strlen(email), 1)) < 0)
if (process_trimming(name, &p->name, name + strlen(name), 1) < 0 ||
process_trimming(email, &p->email, email + strlen(email), 1) < 0)
{
git_signature_free(p);
return error;
return -1;
}
if (contains_angle_brackets(p->email) ||
contains_angle_brackets(p->name))
{
git_signature_free(p);
return signature_error("Neither `name` nor `email` should contain angle brackets chars.");
}
p->when.time = time;
......
......@@ -13,17 +13,39 @@ static int try_build_signature(const char *name, const char *email, git_time_t t
return error;
}
void test_commit_signature__create_trim(void)
static void assert_name_and_email(
const char *expected_name,
const char *expected_email,
const char *name,
const char *email)
{
// creating a signature trims leading and trailing spaces
git_signature *sign;
cl_git_pass(git_signature_new(&sign, " nulltoken ", " emeric.fermas@gmail.com ", 1234567890, 60));
cl_assert(strcmp(sign->name, "nulltoken") == 0);
cl_assert(strcmp(sign->email, "emeric.fermas@gmail.com") == 0);
git_signature_free((git_signature *)sign);
cl_git_pass(git_signature_new(&sign, name, email, 1234567890, 60));
cl_assert_equal_s(expected_name, sign->name);
cl_assert_equal_s(expected_email, sign->email);
git_signature_free(sign);
}
void test_commit_signature__leading_and_trailing_spaces_are_trimmed(void)
{
assert_name_and_email("nulltoken", "emeric.fermas@gmail.com", " nulltoken ", " emeric.fermas@gmail.com ");
}
void test_commit_signature__angle_brackets_in_names_are_not_supported(void)
{
cl_git_fail(try_build_signature("<Phil Haack", "phil@haack", 1234567890, 60));
cl_git_fail(try_build_signature("Phil>Haack", "phil@haack", 1234567890, 60));
cl_git_fail(try_build_signature("<Phil Haack>", "phil@haack", 1234567890, 60));
}
void test_commit_signature__angle_brackets_in_email_are_not_supported(void)
{
cl_git_fail(try_build_signature("Phil Haack", ">phil@haack", 1234567890, 60));
cl_git_fail(try_build_signature("Phil Haack", "phil@>haack", 1234567890, 60));
cl_git_fail(try_build_signature("Phil Haack", "<phil@haack>", 1234567890, 60));
}
void test_commit_signature__create_empties(void)
{
......@@ -39,21 +61,13 @@ void test_commit_signature__create_empties(void)
void test_commit_signature__create_one_char(void)
{
// creating a one character signature
git_signature *sign;
cl_git_pass(git_signature_new(&sign, "x", "foo@bar.baz", 1234567890, 60));
cl_assert(strcmp(sign->name, "x") == 0);
cl_assert(strcmp(sign->email, "foo@bar.baz") == 0);
git_signature_free((git_signature *)sign);
assert_name_and_email("x", "foo@bar.baz", "x", "foo@bar.baz");
}
void test_commit_signature__create_two_char(void)
{
// creating a two character signature
git_signature *sign;
cl_git_pass(git_signature_new(&sign, "xx", "x@y.z", 1234567890, 60));
cl_assert(strcmp(sign->name, "xx") == 0);
cl_assert(strcmp(sign->email, "x@y.z") == 0);
git_signature_free((git_signature *)sign);
assert_name_and_email("xx", "foo@bar.baz", "xx", "foo@bar.baz");
}
void test_commit_signature__create_zero_char(void)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment