diff options
author | Justin Tobler <jtobler@gitlab.com> | 2022-10-12 19:51:00 +0300 |
---|---|---|
committer | Justin Tobler <jtobler@gitlab.com> | 2022-10-12 19:51:00 +0300 |
commit | e4f664d889100c13966f95d0534c6d9932d551cb (patch) | |
tree | 0c6b2471ffdb10d941d7cd978d7906b287a9213a | |
parent | 678c8ecdbbc91de5c3958d110d19822690bb6818 (diff) | |
parent | 894bd7d8bd67dd40e2f0bdb002d4632884cdb9e6 (diff) |
Merge branch 'jc-improve-ref-validation' into 'master'
git: Validate \\ in refname
See merge request https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4921
Merged-by: Justin Tobler <jtobler@gitlab.com>
Approved-by: Patrick Steinhardt <psteinhardt@gitlab.com>
Approved-by: Justin Tobler <jtobler@gitlab.com>
Co-authored-by: John Cai <jcai@gitlab.com>
-rw-r--r-- | internal/git/revision.go | 3 | ||||
-rw-r--r-- | internal/git/revision_test.go | 5 |
2 files changed, 8 insertions, 0 deletions
diff --git a/internal/git/revision.go b/internal/git/revision.go index 89d1e05d4..45814cfad 100644 --- a/internal/git/revision.go +++ b/internal/git/revision.go @@ -21,6 +21,9 @@ func validateRevision(revision []byte, allowEmpty bool) error { if bytes.Contains(revision, []byte(":")) { return fmt.Errorf("revision can't contain ':'") } + if bytes.Contains(revision, []byte("\\")) { + return fmt.Errorf("revision can't contain '\\'") + } return nil } diff --git a/internal/git/revision_test.go b/internal/git/revision_test.go index edd574d5c..afb05c2e6 100644 --- a/internal/git/revision_test.go +++ b/internal/git/revision_test.go @@ -63,6 +63,11 @@ func TestValidateRevision(t *testing.T) { revision: "foo/bar:baz", expectedErr: fmt.Errorf("revision can't contain ':'"), }, + { + desc: "backslash", + revision: "foo\\bar\\baz", + expectedErr: fmt.Errorf("revision can't contain '\\'"), + }, } { t.Run(tc.desc, func(t *testing.T) { require.Equal(t, tc.expectedErr, ValidateRevision([]byte(tc.revision))) |