git.vger.kernel.org archive mirror
From: Junio C Hamano <gitster@pobox.com>
To: Ramkumar Ramachandra <artagnon@gmail.com>
Cc: Jeff King <peff@peff.net>, Duy Nguyen <pclouds@gmail.com>,
	Git List <git@vger.kernel.org>
Subject: Re: [PATCH 2/2] add: refuse to add paths beyond repository boundaries
Date: Tue, 09 Apr 2013 10:09:56 -0700
Message-ID: <7v4nfftyu3.fsf@alter.siamese.dyndns.org>
In-Reply-To: <1365499297-8667-3-git-send-email-artagnon@gmail.com> (Ramkumar Ramachandra's message of "Tue, 9 Apr 2013 14:51:37 +0530")

Ramkumar Ramachandra <artagnon@gmail.com> writes:

> Currently, git add has the logic for refusing to add gitlinks using
> treat_path(), which in turn calls check_path_for_gitlink().  However,
> this only checks for an in-index submodule (or gitlink cache_entry).
> A path inside a git repository in the worktree still adds fine, and
> this is a bug.  The logic for denying it is very similar to denying
> adding paths beyond symbolic links: die_if_path_beyond_symlink().
> Follow its example and write a die_if_path_beyond_gitrepo() to fix
> this bug.
>
> Signed-off-by: Ramkumar Ramachandra <artagnon@gmail.com>
> ---

> @@ -166,6 +166,7 @@ static const char **validate_pathspec(const char **argv, const char *prefix)
>  		const char **p;
>  		for (p = pathspec; *p; p++) {
>  			die_if_path_beyond_symlink(*p, prefix);
> +			die_if_path_beyond_gitrepo(*p, prefix);
>  		}
>  	}
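
Review bot: In validate_pathspec(), the added die_if_path_beyond_gitrepo(*p, prefix) call sits directly after die_if_path_beyond_symlink(*p, prefix) and takes the same arguments, so each pathspec is walked twice, and any caller that only has the symlink check gets no repository-boundary check at all. Consider one combined boundary function that covers both cases, so the two checks cannot be applied separately.
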
> diff --git a/cache.h b/cache.h
> index e1e8ce8..987d7f3 100644
> --- a/cache.h
> +++ b/cache.h
> @@ -962,6 +962,8 @@ struct cache_def {
>  
>  extern int has_symlink_leading_path(const char *name, int len);
> +extern int has_gitrepo_leading_path(const char *name, int len);
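
Review bot: The new declaration has_gitrepo_leading_path(const char *name, int len) in cache.h carries no comment. Please document what counts as a "gitrepo" leading path, whether name is expected to be relative to the top of the working tree, and what the int return value means, since the signature alone is identical to has_symlink_leading_path() and does not tell callers how the two differ.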

I looked at the output from "grep has_symlink_leading_path" and also
for "die_if_path_beyond"; all of these places are checking "I have
this multi-level path; I want to know if the path does not (should
not) be part of the current project", I think.  Certainly the one in
the "update-index" is about the same operation as "git add" you are
patching.

Isn't it a better approach to _rename_ the existing function not to
single out "symlink"-ness of the path first?  A symlink in the
middle of such a multi-level path that leads to a place outside the
project is _not_ the only way to step out of our project boundary.  A
directory in the middle of a multi-level path that is the top-level
of the working tree of a foreign project is another way to step out
of our project boundary.  Perhaps

	die_if_path_outside_our_project()
	path_outside_our_project()

And then update the implementation of path_outside_our_project(),
which only took "symlink in the middle" into account so far, and
teach it that such a "top-level of the working tree of a foreign
project" is also stepping out of our project?

That way, you do not have to settle on fixing the bug only in "git
add" and keep the bug in "git update-index", I think.

I think the hit in builtin/apply.c deals with the same "beyond
symlink is outside our project" check and can be updated like so.  I
didn't look at the ones in diff-lib.c and dir.c so you may want to
double check on what they use it for.
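
The combined check suggested in the reply above, sketched as an added example (not code from this thread or from git): one path_outside_our_project() that treats both a symlink and the top level of a foreign working tree in a leading component as leaving the project. The lstat()-based walk, the enum values and the constructed_tree() fixture are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Result codes are this example's own, not git's. */
enum boundary { UNCHECKABLE = -1, INSIDE, BEYOND_SYMLINK, BEYOND_FOREIGN_REPO };

/* Check each leading directory of `rel` (normalized, relative to worktree
 * `root`); report the first that is a symlink or has its own ".git" entry
 * (directory or gitfile). The last component itself is not examined. */
enum boundary path_outside_our_project(const char *root, const char *rel)
{
	char path[PATH_MAX];
	struct stat st;
	const char *slash;

	for (slash = strchr(rel, '/'); slash; slash = strchr(slash + 1, '/')) {
		int n = snprintf(path, sizeof(path) - 5, "%s/%.*s", root, (int)(slash - rel), rel);
		if (n < 0 || (size_t)n >= sizeof(path) - 5)
			return UNCHECKABLE;	/* too long to inspect: fail closed */
		if (lstat(path, &st) < 0)
			return errno == ENOENT ? INSIDE : UNCHECKABLE;
		if (S_ISLNK(st.st_mode))
			return BEYOND_SYMLINK;
		memcpy(path + n, "/.git", 6);	/* room was reserved above */
		if (S_ISDIR(st.st_mode) && lstat(path, &st) == 0)
			return BEYOND_FOREIGN_REPO;
	}
	return INSIDE;
}

/* Constructed fixture: src/ (plain), vendor/.git/ (foreign repo), link -> src. */
const char *constructed_tree(void)
{
	static char root[] = "/tmp/boundary-XXXXXX";
	int fd, ok;
	if (!mkdtemp(root) || (fd = open(root, O_RDONLY | O_DIRECTORY)) < 0)
		return NULL;
	ok = !mkdirat(fd, "src", 0700) && !mkdirat(fd, "vendor", 0700) &&
	     !mkdirat(fd, "vendor/.git", 0700) && !symlinkat("src", fd, "link");
	close(fd);
	return ok ? root : NULL;
}
```

Because only leading directories are examined, the path "vendor" on its own is still reported as INSIDE, while anything underneath it is not.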
