diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2019-09-18 15:25:02 +0200 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-12-10 18:01:06 +1000 |
| commit | 64c612cc3e25eff5fb02c59ef5a66ba7a14751e4 (patch) | |
| tree | 1437126d8d009e085d231dba94efd9e0e21a5084 /tests/checkout | |
| parent | d29d4de2d8982a709e38490c699182a534812e26 (diff) | |
| download | libgit2-64c612cc3e25eff5fb02c59ef5a66ba7a14751e4.tar.gz | |
Protect against 8.3 "short name" attacks also on Linux/macOS
The Windows Subsystem for Linux (WSL) is getting increasingly popular,
in particular because it makes it _so_ easy to run Linux software on
Windows' files, via the auto-mounted Windows drives (`C:\` is mapped to
`/mnt/c/`, no need to set that up manually).
Unfortunately, files/directories on the Windows drives can be accessed
via their _short names_, if that feature is enabled (which it is on the
`C:` drive by default).
Which means that we have to safeguard even our Linux users against the
short name attacks.
Further, while the default options of CIFS/SMB-mounts seem to disallow
accessing files on network shares via their short names on Linux/macOS,
it _is_ possible to do so with the right options.
So let's just safe-guard against short name attacks _everywhere_.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Diffstat (limited to 'tests/checkout')
| -rw-r--r-- | tests/checkout/nasty.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/tests/checkout/nasty.c b/tests/checkout/nasty.c index 3897878ce..a0ac738a8 100644 --- a/tests/checkout/nasty.c +++ b/tests/checkout/nasty.c @@ -206,9 +206,8 @@ void test_checkout_nasty__dot_git_dot(void) */ void test_checkout_nasty__git_tilde1(void) { -#ifdef GIT_WIN32 test_checkout_fails("refs/heads/git_tilde1", ".git/foobar"); -#endif + test_checkout_fails("refs/heads/git_tilde1", "git~1/foobar"); } /* A tree that contains an entry "git~2", when we have forced the short |