Commit e16c2f6a by nulltoken Committed by Vicent Marti

Small enhancements to git_prettify_dir_path().

 - Secured buffer ahead reading.
 - Guard against potential multiple dot path traversal (cf http://cwe.mitre.org/data/definitions/33.html)
parent e08b246c
...@@ -413,9 +413,13 @@ int git_prettify_dir_path(char *buffer_out, const char *path) ...@@ -413,9 +413,13 @@ int git_prettify_dir_path(char *buffer_out, const char *path)
current++; current++;
/* Handle the double-dot upward directory navigation */ /* Handle the double-dot upward directory navigation */
if (*current == '.') { if (current < buffer_end && *current == '.') {
current++; current++;
/* Guard against potential multiple dot path traversal (cf http://cwe.mitre.org/data/definitions/33.html) */
if (*current == '.')
return GIT_ERROR;
*buffer_out ='\0'; *buffer_out ='\0';
len = retrieve_previous_path_component_start(buffer_out_start); len = retrieve_previous_path_component_start(buffer_out_start);
if (len < GIT_SUCCESS) if (len < GIT_SUCCESS)
...@@ -424,7 +428,7 @@ int git_prettify_dir_path(char *buffer_out, const char *path) ...@@ -424,7 +428,7 @@ int git_prettify_dir_path(char *buffer_out, const char *path)
buffer_out = (char *)buffer_out_start + len; buffer_out = (char *)buffer_out_start + len;
} }
if (*current == '/') if (current < buffer_end && *current == '/')
current++; current++;
continue; continue;
......
...@@ -47,6 +47,12 @@ BEGIN_TEST(path_prettifying) ...@@ -47,6 +47,12 @@ BEGIN_TEST(path_prettifying)
must_pass(ensure_normalized("d1/s1///s2/..//../s3/", "d1/s3/")); must_pass(ensure_normalized("d1/s1///s2/..//../s3/", "d1/s3/"));
must_pass(ensure_normalized("d1/s1//../s2/../../d2", "d2/")); must_pass(ensure_normalized("d1/s1//../s2/../../d2", "d2/"));
must_pass(ensure_normalized("dir/sub/../", "dir/")); must_pass(ensure_normalized("dir/sub/../", "dir/"));
must_fail(ensure_normalized("....", NULL));
must_fail(ensure_normalized("...", NULL));
must_fail(ensure_normalized("./...", NULL));
must_fail(ensure_normalized("d1/...", NULL));
must_fail(ensure_normalized("d1/.../", NULL));
must_fail(ensure_normalized("d1/.../d2", NULL));
must_pass(ensure_normalized("/", "/")); must_pass(ensure_normalized("/", "/"));
must_pass(ensure_normalized("//", "/")); must_pass(ensure_normalized("//", "/"));
...@@ -70,4 +76,10 @@ BEGIN_TEST(path_prettifying) ...@@ -70,4 +76,10 @@ BEGIN_TEST(path_prettifying)
must_pass(ensure_normalized("/dir/s1/../s2/", "/dir/s2/")); must_pass(ensure_normalized("/dir/s1/../s2/", "/dir/s2/"));
must_pass(ensure_normalized("/d1/s1///s2/..//../s3/", "/d1/s3/")); must_pass(ensure_normalized("/d1/s1///s2/..//../s3/", "/d1/s3/"));
must_pass(ensure_normalized("/d1/s1//../s2/../../d2", "/d2/")); must_pass(ensure_normalized("/d1/s1//../s2/../../d2", "/d2/"));
must_fail(ensure_normalized("/....", NULL));
must_fail(ensure_normalized("/...", NULL));
must_fail(ensure_normalized("/./...", NULL));
must_fail(ensure_normalized("/d1/...", NULL));
must_fail(ensure_normalized("/d1/.../", NULL));
must_fail(ensure_normalized("/d1/.../d2", NULL));
END_TEST END_TEST
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment