verify_path: consider dos drive prefix

If someone manage to create a repo with a 'C:' entry in the root-tree, files can be written outside of the working-dir. This opens up a can-of-worms of exploits. Fix it by explicitly checking for a dos drive prefix when verifying a paht. While we're at it, make sure that paths beginning with '\' is considered absolute as well. Noticed-by: Theo Niessink <theo@taletn.com> Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Erik Faye-Lund <kusmabite@gmail.com> 2011-05-27 16:00:40 (GMT)
committer: Junio C Hamano <gitster@pobox.com> 2011-05-27 17:59:18 (GMT)
commit: 56948cb6aa8189e3b77c700119d179172e0f8c4a (patch)
tree: 72aedbd05bfbe0621077b69aa846b4c95ba23170 /read-cache.c
parent: d1c69255a1014ccaeb9841f2114e20f048556391 (diff)
download: git-56948cb6aa8189e3b77c700119d179172e0f8c4a.zip
git-56948cb6aa8189e3b77c700119d179172e0f8c4a.tar.gz
git-56948cb6aa8189e3b77c700119d179172e0f8c4a.tar.bz2
1 files changed, 4 insertions, 1 deletions
diff --git a/read-cache.c b/read-cache.c
index 0480d94..31cf0b5 100644
--- a/read-cache.c
+++ b/read-cache.c
@@ -774,11 +774,14 @@ int verify_path(const char *path)
 {
 	char c;
 
+	if (has_dos_drive_prefix(path))
+		return 0;
+
 	goto inside;
 	for (;;) {
 		if (!c)
 			return 1;
-		if (c == '/') {
+		if (is_dir_sep(c)) {
 inside:
 			c = *path++;
 			switch (c) {
author	Erik Faye-Lund <kusmabite@gmail.com>	2011-05-27 16:00:40 (GMT)
committer	Junio C Hamano <gitster@pobox.com>	2011-05-27 17:59:18 (GMT)
commit	56948cb6aa8189e3b77c700119d179172e0f8c4a (patch)
tree	72aedbd05bfbe0621077b69aa846b4c95ba23170 /read-cache.c
parent	d1c69255a1014ccaeb9841f2114e20f048556391 (diff)
download	git-56948cb6aa8189e3b77c700119d179172e0f8c4a.zip git-56948cb6aa8189e3b77c700119d179172e0f8c4a.tar.gz git-56948cb6aa8189e3b77c700119d179172e0f8c4a.tar.bz2