summaryrefslogtreecommitdiff
path: root/read-cache.c
diff options
context:
space:
mode:
authorErik Faye-Lund <kusmabite@gmail.com>2011-05-27 18:00:40 +0200
committerJunio C Hamano <gitster@pobox.com>2011-05-27 10:59:18 -0700
commit56948cb6aa8189e3b77c700119d179172e0f8c4a (patch)
tree72aedbd05bfbe0621077b69aa846b4c95ba23170 /read-cache.c
parentd1c69255a1014ccaeb9841f2114e20f048556391 (diff)
downloadgit-56948cb6aa8189e3b77c700119d179172e0f8c4a.tar.gz
verify_path: consider dos drive prefix
If someone manage to create a repo with a 'C:' entry in the root-tree, files can be written outside of the working-dir. This opens up a can-of-worms of exploits. Fix it by explicitly checking for a dos drive prefix when verifying a paht. While we're at it, make sure that paths beginning with '\' is considered absolute as well. Noticed-by: Theo Niessink <theo@taletn.com> Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'read-cache.c')
-rw-r--r--read-cache.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/read-cache.c b/read-cache.c
index 0480d9455c..31cf0b503a 100644
--- a/read-cache.c
+++ b/read-cache.c
@@ -774,11 +774,14 @@ int verify_path(const char *path)
{
char c;
+ if (has_dos_drive_prefix(path))
+ return 0;
+
goto inside;
for (;;) {
if (!c)
return 1;
- if (c == '/') {
+ if (is_dir_sep(c)) {
inside:
c = *path++;
switch (c) {