Fixed a parsing issue in git_prettify_dir_path().

ae7ffea9 · nulltoken · Vicent Marti · b29e8f19 · ae7ffea9 · ae7ffea9
Commit ae7ffea9 authored Jan 22, 2011 by nulltoken Committed by Vicent Marti Jan 29, 2011
Show whitespace changes
Inline Side-by-side

Showing with 37 additions and 16 deletions

src/fileops.c
+29 -16

tests/t0005-path.c
+8 -0

No files found.
--- a/src/fileops.c
+++ b/src/fileops.c
@@ -394,8 +394,9 @@ static int retrieve_previous_path_component_start(const char *path)
 int git_prettify_dir_path(char *buffer_out, const char *path)
 {
 	int len = 0;
-	char *current;
+	char *current, *end;
 	const char *buffer_out_start, *buffer_end;
+	int only_dots;
 	buffer_out_start = buffer_out;
 	current = (char *)path;
@@ -408,39 +409,51 @@ int git_prettify_dir_path(char *buffer_out, const char *path)
 			continue;
 		}
-		/* Skip current directory */
+		end = current;
-		if (*current == '.') {
+		only_dots = 1;
-			current++;
-			/* Handle the double-dot upward directory navigation */
+		/* Seek end of path segment */
-			if (current < buffer_end && *current == '.') {
+		while (end < buffer_end && *end !='/')
-				current++;
+		{
+			only_dots &= (*end == '.');
+			end++;
+		}
-				/* Guard against potential multiple dot path traversal (cf http://cwe.mitre.org/data/definitions/33.html) */
+		/* Skip current directory */
-				if (*current == '.')
+		if (only_dots && end == current + 1)
-					return GIT_ERROR;
+		{
+			current += 2;
+			continue;
+		}
+		/* Handle the double-dot upward directory navigation */
+		if (only_dots && end == current + 2)
+		{
 			*buffer_out ='\0';
 			len = retrieve_previous_path_component_start(buffer_out_start);
 			if (len < GIT_SUCCESS)
 				return GIT_ERROR;
 			buffer_out = (char *)buffer_out_start + len;
-			}
-			if (current < buffer_end && *current == '/')
-				current++;
+			current += 3;
 			continue;
 		}
+		/* Guard against potential multiple dot path traversal (cf http://cwe.mitre.org/data/definitions/33.html) */
+		if (only_dots && end > current)
+			return GIT_ERROR;
+		/* Copy to output the path segment */
+		while (current < end)
+		{
 			*buffer_out++ = *current++;
 			len++;
 		}
-	/* Add a trailing slash if required */
-	if (len > 0 && buffer_out_start[len-1] != '/')
 		*buffer_out++ = '/';
+		len++;
+	}
 	*buffer_out = '\0';

--- a/tests/t0005-path.c
+++ b/tests/t0005-path.c
@@ -20,6 +20,10 @@ static int ensure_normalized(const char *input_path, const char *expected_path)
 }
 BEGIN_TEST(path_prettifying)
+	must_pass(ensure_normalized("./testrepo.git", "testrepo.git/"));
+	must_pass(ensure_normalized("./.git", ".git/"));
+	must_pass(ensure_normalized("./git.", "git./"));
+	must_pass(ensure_normalized("git./", "git./"));
 	must_pass(ensure_normalized("", ""));
 	must_pass(ensure_normalized(".", ""));
 	must_pass(ensure_normalized("./", ""));
@@ -54,6 +58,10 @@ BEGIN_TEST(path_prettifying)
 	must_fail(ensure_normalized("d1/.../", NULL));
 	must_fail(ensure_normalized("d1/.../d2", NULL));
+	must_pass(ensure_normalized("/./testrepo.git", "/testrepo.git/"));
+	must_pass(ensure_normalized("/./.git", "/.git/"));
+	must_pass(ensure_normalized("/./git.", "/git./"));
+	must_pass(ensure_normalized("/git./", "/git./"));
 	must_pass(ensure_normalized("/", "/"));
 	must_pass(ensure_normalized("//", "/"));
 	must_pass(ensure_normalized("///", "/"));