From: "Nguyễn Thái Ngọc Duy" <pclouds@gmail.com>
To: pclouds@gmail.com
Cc: Johannes.Schindelin@gmx.de, git@vger.kernel.org,
gitster@pobox.com, hi-angel@yandex.ru, peff@peff.net,
ramsay@ramsayjones.plus.com, sunshine@sunshineco.com
Subject: [PATCH v5 1/1] worktree add: sanitize worktree names
Date: Fri, 8 Mar 2019 16:28:34 +0700 [thread overview]
Message-ID: <20190308092834.12549-2-pclouds@gmail.com> (raw)
In-Reply-To: <20190308092834.12549-1-pclouds@gmail.com>
Worktree names are based on $(basename $GIT_WORK_TREE). They aren't
significant until 3a3b9d8cde (refs: new ref types to make per-worktree
refs visible to all worktrees - 2018-10-21), where worktree name could
be part of a refname and must follow refname rules.
Update 'worktree add' code to remove special characters to follow
these rules. In the future the user will be able to specify the
worktree name by themselves if they're not happy with this dumb
character substitution.
Reported-by: Konstantin Kharlamov <hi-angel@yandex.ru>
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
---
builtin/worktree.c | 10 +++-
refs.c | 103 ++++++++++++++++++++++++++++++++--------
refs.h | 6 +++
t/t2400-worktree-add.sh | 5 ++
4 files changed, 104 insertions(+), 20 deletions(-)
diff --git a/builtin/worktree.c b/builtin/worktree.c
index 6cc094a453..756cf3a417 100644
--- a/builtin/worktree.c
+++ b/builtin/worktree.c
@@ -275,6 +275,7 @@ static int add_worktree(const char *path, const char *refname,
struct strbuf symref = STRBUF_INIT;
struct commit *commit = NULL;
int is_branch = 0;
+ struct strbuf sb_name = STRBUF_INIT;
validate_worktree_add(path, opts);
@@ -290,7 +291,13 @@ static int add_worktree(const char *path, const char *refname,
die(_("invalid reference: %s"), refname);
name = worktree_basename(path, &len);
- git_path_buf(&sb_repo, "worktrees/%.*s", (int)(path + len - name), name);
+ strbuf_add(&sb, name, path + len - name);
+ sanitize_refname_component(sb.buf, &sb_name);
+ if (!sb_name.len)
+ BUG("How come '%s' becomes empty after sanitization?", sb.buf);
+ strbuf_reset(&sb);
+ name = sb_name.buf;
+ git_path_buf(&sb_repo, "worktrees/%s", name);
len = sb_repo.len;
if (safe_create_leading_directories_const(sb_repo.buf))
die_errno(_("could not create leading directories of '%s'"),
@@ -416,6 +423,7 @@ static int add_worktree(const char *path, const char *refname,
strbuf_release(&symref);
strbuf_release(&sb_repo);
strbuf_release(&sb_git);
+ strbuf_release(&sb_name);
return ret;
}
diff --git a/refs.c b/refs.c
index 142888a40a..e9f83018f0 100644
--- a/refs.c
+++ b/refs.c
@@ -72,30 +72,57 @@ static unsigned char refname_disposition[256] = {
* - it ends with ".lock", or
* - it contains a "@{" portion
*/
-static int check_refname_component(const char *refname, int *flags)
+static int check_refname_component(const char *refname, int *flags,
+ struct strbuf *sanitized)
{
const char *cp;
char last = '\0';
+ size_t component_start;
+
+ if (sanitized)
+ component_start = sanitized->len;
for (cp = refname; ; cp++) {
int ch = *cp & 255;
unsigned char disp = refname_disposition[ch];
+
+ if (sanitized && disp != 1)
+ strbuf_addch(sanitized, ch);
+
switch (disp) {
case 1:
goto out;
case 2:
- if (last == '.')
- return -1; /* Refname contains "..". */
+ if (last == '.') { /* Refname contains "..". */
+ if (sanitized)
+ sanitized->len--; /* collapse ".." to single "." */
+ else
+ return -1;
+ }
break;
case 3:
- if (last == '@')
- return -1; /* Refname contains "@{". */
+ if (last == '@') { /* Refname contains "@{". */
+ if (sanitized)
+ sanitized->buf[sanitized->len-1] = '-';
+ else
+ return -1;
+ }
break;
case 4:
- return -1;
+ /* forbidden char */
+ if (sanitized)
+ sanitized->buf[sanitized->len-1] = '-';
+ else
+ return -1;
+ break;
case 5:
- if (!(*flags & REFNAME_REFSPEC_PATTERN))
- return -1; /* refspec can't be a pattern */
+ if (!(*flags & REFNAME_REFSPEC_PATTERN)) {
+ /* refspec can't be a pattern */
+ if (sanitized)
+ sanitized->buf[sanitized->len-1] = '-';
+ else
+ return -1;
+ }
/*
* Unset the pattern flag so that we only accept
@@ -109,26 +136,48 @@ static int check_refname_component(const char *refname, int *flags)
out:
if (cp == refname)
return 0; /* Component has zero length. */
- if (refname[0] == '.')
- return -1; /* Component starts with '.'. */
+
+ if (refname[0] == '.') { /* Component starts with '.'. */
+ if (sanitized)
+ sanitized->buf[component_start] = '-';
+ else
+ return -1;
+ }
if (cp - refname >= LOCK_SUFFIX_LEN &&
- !memcmp(cp - LOCK_SUFFIX_LEN, LOCK_SUFFIX, LOCK_SUFFIX_LEN))
- return -1; /* Refname ends with ".lock". */
+ !memcmp(cp - LOCK_SUFFIX_LEN, LOCK_SUFFIX, LOCK_SUFFIX_LEN)) {
+ if (!sanitized)
+ return -1;
+ /* Refname ends with ".lock". */
+ while (strbuf_strip_suffix(sanitized, LOCK_SUFFIX)) {
+ /* try again in case we have .lock.lock */
+ }
+ }
return cp - refname;
}
-int check_refname_format(const char *refname, int flags)
+static int check_or_sanitize_refname(const char *refname, int flags,
+ struct strbuf *sanitized)
{
int component_len, component_count = 0;
- if (!strcmp(refname, "@"))
+ if (!strcmp(refname, "@")) {
/* Refname is a single character '@'. */
- return -1;
+ if (sanitized)
+ strbuf_addch(sanitized, '-');
+ else
+ return -1;
+ }
while (1) {
+ if (sanitized && sanitized->len)
+ strbuf_complete(sanitized, '/');
+
/* We are at the start of a path component. */
- component_len = check_refname_component(refname, &flags);
- if (component_len <= 0)
+ component_len = check_refname_component(refname, &flags,
+ sanitized);
+ if (sanitized && component_len == 0)
+ ; /* OK, omit empty component */
+ else if (component_len <= 0)
return -1;
component_count++;
@@ -138,13 +187,29 @@ int check_refname_format(const char *refname, int flags)
refname += component_len + 1;
}
- if (refname[component_len - 1] == '.')
- return -1; /* Refname ends with '.'. */
+ if (refname[component_len - 1] == '.') {
+ /* Refname ends with '.'. */
+ if (sanitized)
+ ; /* omit ending dot */
+ else
+ return -1;
+ }
if (!(flags & REFNAME_ALLOW_ONELEVEL) && component_count < 2)
return -1; /* Refname has only one component. */
return 0;
}
+int check_refname_format(const char *refname, int flags)
+{
+ return check_or_sanitize_refname(refname, flags, NULL);
+}
+
+void sanitize_refname_component(const char *refname, struct strbuf *out)
+{
+ if (check_or_sanitize_refname(refname, REFNAME_ALLOW_ONELEVEL, out))
+ BUG("sanitizing refname '%s' check returned error", refname);
+}
+
int refname_is_safe(const char *refname)
{
const char *rest;
diff --git a/refs.h b/refs.h
index 308fa1f03b..4d8c5465c3 100644
--- a/refs.h
+++ b/refs.h
@@ -460,6 +460,12 @@ int for_each_reflog(each_ref_fn fn, void *cb_data);
*/
int check_refname_format(const char *refname, int flags);
+/*
+ * Apply the rules from check_refname_format, but mutate the result until it
+ * is acceptable, and place the result in "out".
+ */
+void sanitize_refname_component(const char *refname, struct strbuf *out);
+
const char *prettify_refname(const char *refname);
char *shorten_unambiguous_ref(const char *refname, int strict);
diff --git a/t/t2400-worktree-add.sh b/t/t2400-worktree-add.sh
index 286bba35d8..c989dbe321 100755
--- a/t/t2400-worktree-add.sh
+++ b/t/t2400-worktree-add.sh
@@ -570,4 +570,9 @@ test_expect_success '"add" an existing locked but missing worktree' '
git worktree add --force --force --detach gnoo
'
+test_expect_success FUNNYNAMES 'sanitize generated worktree name' '
+ git worktree add --detach ". weird*..?.lock.lock" &&
+ test -d .git/worktrees/---weird-.-
+'
+
test_done
--
2.21.0.rc1.337.gdf7f8d0522
next prev parent reply other threads:[~2019-03-08 9:28 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-18 14:36 git gc fails with "unable to resolve reference" for worktree hi-angel
2019-02-18 15:02 ` Duy Nguyen
2019-02-18 15:09 ` hi-angel
2019-02-18 15:18 ` Duy Nguyen
2019-02-20 14:34 ` hi-angel
2019-02-21 11:00 ` [PATCH] worktree add: sanitize worktree names Nguyễn Thái Ngọc Duy
2019-02-21 11:28 ` Konstantin Kharlamov
2019-02-21 11:38 ` Duy Nguyen
2019-02-21 11:44 ` Konstantin Kharlamov
2019-02-21 11:52 ` Duy Nguyen
2019-02-21 13:23 ` Jeff King
2019-02-21 12:19 ` [PATCH v2 0/1] " Nguyễn Thái Ngọc Duy
2019-02-21 12:19 ` [PATCH v2 1/1] " Nguyễn Thái Ngọc Duy
2019-02-21 13:22 ` Jeff King
2019-02-21 17:41 ` Ramsay Jones
2019-02-22 9:21 ` Duy Nguyen
2019-02-26 10:58 ` [PATCH v3 0/1] " Nguyễn Thái Ngọc Duy
2019-02-26 10:58 ` [PATCH v3 1/1] " Nguyễn Thái Ngọc Duy
2019-02-27 12:08 ` Jeff King
2019-02-27 14:23 ` Eric Sunshine
2019-02-27 16:04 ` Jeff King
2019-03-03 1:22 ` Junio C Hamano
2019-03-04 11:19 ` Duy Nguyen
2019-03-04 12:04 ` Duy Nguyen
2019-03-04 15:06 ` Johannes Schindelin
2019-03-05 12:08 ` [PATCH v4 0/2] " Nguyễn Thái Ngọc Duy
2019-03-05 12:08 ` [PATCH v4 1/2] refs.c: refactor check_refname_component() Nguyễn Thái Ngọc Duy
2019-03-06 21:49 ` Jeff King
2019-03-07 23:24 ` Eric Sunshine
2019-03-05 12:08 ` [PATCH v4 2/2] worktree add: sanitize worktree names Nguyễn Thái Ngọc Duy
2019-03-08 9:28 ` [PATCH v5 0/1] " Nguyễn Thái Ngọc Duy
2019-03-08 9:28 ` Nguyễn Thái Ngọc Duy [this message]
2019-03-10 2:02 ` [PATCH v5 1/1] " Eric Sunshine
2019-03-11 6:20 ` Junio C Hamano
2019-03-11 9:24 ` Duy Nguyen
2019-03-11 22:39 ` Jeff King
2019-03-12 6:32 ` Junio C Hamano
2019-03-11 6:36 ` Junio C Hamano
2019-03-11 9:27 ` Duy Nguyen
2019-03-11 13:05 ` Johannes Schindelin
2019-03-12 6:45 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190308092834.12549-2-pclouds@gmail.com \
--to=pclouds@gmail.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=hi-angel@yandex.ru \
--cc=peff@peff.net \
--cc=ramsay@ramsayjones.plus.com \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).