dulwich-users team mailing list archive

Thread
Date

[PATCH v3 4/4] repo.Repo.get_named_file: check that file is really in git directory

To: dulwich-users@xxxxxxxxxxxxxxxxxxx
From: Tay Ray Chuan <rctay89@xxxxxxxxx>
Date: Mon, 27 Dec 2010 00:15:46 +0800
In-reply-to: <1293380146-792-4-git-send-email-rctay89@gmail.com>

---
 dulwich/repo.py |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/dulwich/repo.py b/dulwich/repo.py
index b1ebd2a..6f58924 100644
--- a/dulwich/repo.py
+++ b/dulwich/repo.py
@@ -1139,7 +1139,13 @@ class Repo(BaseRepo):
         # TODO(dborowitz): sanitize filenames, since this is used directly by
         # the dumb web serving code.
         path = path.lstrip(os.path.sep)
-        path = _norm_path(os.path.join(self.controldir(), path))
+        parent = _norm_path(self.controldir())
+        path = _norm_path(os.path.join(parent, path))
+
+        # check that the file lies in the git directory
+        if not path.startswith(parent):
+            return None
+
         try:
             return open(path, 'rb')
         except (IOError, OSError), e:
-- 
1.7.3.2.msysgit.0

References

Re: [PATCH v2] web: change '/' only if repo is physical
From: Dave Borowitz, 2010-12-22
[PATCH v3 0/4] web paths handling
From: Tay Ray Chuan, 2010-12-26
[PATCH v3 1/4] Repo.get_named_file: fix spelling in doc
From: Tay Ray Chuan, 2010-12-26
[PATCH v3 2/4] web: move url-to-path step into get_named_file
From: Tay Ray Chuan, 2010-12-26
[PATCH v3 3/4] repo.Repo.get_named_file: normalize case
From: Tay Ray Chuan, 2010-12-26