From: Junio C Hamano <junkio@cox.net>
To: Alex Riesen <raa.lkml@gmail.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCH] [COGITO] make cg-tag use git-check-ref-format
Date: Thu, 15 Dec 2005 15:38:07 -0800 [thread overview]
Message-ID: <7vacf2lyn4.fsf@assigned-by-dhcp.cox.net> (raw)
In-Reply-To: 20051215222424.GA3094@steel.home
Alex Riesen <raa.lkml@gmail.com> writes:
> Junio C Hamano, Tue, Dec 13, 2005 19:41:27 +0100:
>>
>> > Thank you both for the patch, but I'd be much more comfortable if at
>> > least quotes (both ' and "), backslashes, ? and * would be prohibited in
>> > the names as well.
>>
>> I second that, and thanks for pointing it out. Any objections?
>
> Just as a warning, perhaps? It's not like git is anywhere limited in
> this respect...
Yeah, after thinking about it a bit more, I changed my mind.
The wildcard letters like ? and * I understand and sympathetic
about somewhat. Something like this:
name="*.sh" ;# this also comes from the end user
echo $name
ends up showing every shell script in the current directory,
and not literal '*.sh'.
However, I do not think covering five characters '"\?* gives us
anything, and sends a strong message that we do not know our
shell programming to whoever is reading our code. For one
thing, the user can still say "foo[a-z]bar" to confuse you, so
you also need to forbid [].
The thing is, if you start to care about single and double
quotes, then what you are doing carelessly is not something
simple like this:
name='frotz'\''nitfol"filfre\xyzzy' ;# this comes from the end user.
echo $name ;# and this prints just fine.
For quotes to matter, you must be doing an "eval" carelessly,
and "eval" and careless should never go together.
# do not try this in your repository without echo
name="foo; echo rm -fr ."
eval "git-rev-parse $name"
You end up needing to forbid a lot more than the quoting and
wildcard, if you want to keep your shell scripts loose and lazy;
which may be a worthy goal in itself but pretty much defeats the
initial discussion of "why do we allow only these characters in
tags".
So in short, I am somewhat negative about the idea of adding
more "forbidden letters". Let's make sure our scripts are
careful where safety matters.
Note that this does not forbid Porcelains to enforce additional
restrictions on their own.
next prev parent reply other threads:[~2005-12-15 23:38 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-13 10:54 [PATCH] [COGITO] make cg-tag use git-check-ref-format Martin Atukunda
2005-12-13 11:13 ` Junio C Hamano
2005-12-13 11:28 ` Martin Atukunda
2005-12-13 17:00 ` Petr Baudis
2005-12-13 18:41 ` Junio C Hamano
2005-12-15 22:24 ` Alex Riesen
2005-12-15 23:38 ` Junio C Hamano [this message]
2005-12-16 2:17 ` Junio C Hamano
2005-12-16 9:17 ` Petr Baudis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7vacf2lyn4.fsf@assigned-by-dhcp.cox.net \
--to=junkio@cox.net \
--cc=git@vger.kernel.org \
--cc=raa.lkml@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).