Diffstat (limited to 'lib/gitlab')
-rw-r--r-- | lib/gitlab/checks/tag_check.rb | 13 | ||||
-rw-r--r-- | lib/gitlab/encoding_helper.rb | 4 |
2 files changed, 14 insertions, 3 deletions
diff --git a/lib/gitlab/checks/tag_check.rb b/lib/gitlab/checks/tag_check.rb
index 4505bcb5411..d5addab74b8 100644
--- a/lib/gitlab/checks/tag_check.rb
+++ b/lib/gitlab/checks/tag_check.rb
@@ -11,7 +11,8 @@ module Gitlab
 delete_protected_tag_non_web: 'You can only delete protected tags using the web interface.',
 create_protected_tag: 'You are not allowed to create this tag as it is protected.',
 default_branch_collision: 'You cannot use default branch name to create a tag',
- prohibited_tag_name: 'You cannot create a tag with a prohibited pattern.'
+ prohibited_tag_name: 'You cannot create a tag with a prohibited pattern.',
+ prohibited_tag_name_encoding: 'Tag names must be valid when converted to UTF-8 encoding'
 }.freeze
 
 LOG_MESSAGES = {
@@ -46,6 +47,16 @@ module Gitlab
 if tag_name.start_with?("refs/tags/") # rubocop: disable Style/GuardClause
 raise GitAccess::ForbiddenError, ERROR_MESSAGES[:prohibited_tag_name]
 end
+
+ # rubocop: disable Style/GuardClause
+ # rubocop: disable Style/SoleNestedConditional
+ if Feature.enabled?(:prohibited_tag_name_encoding_check, project)
+ unless Gitlab::EncodingHelper.force_encode_utf8(tag_name).valid_encoding?
+ raise GitAccess::ForbiddenError, ERROR_MESSAGES[:prohibited_tag_name_encoding]
+ end
+ end
+ # rubocop: enable Style/SoleNestedConditional
+ # rubocop: enable Style/GuardClause
 end
 
 def protected_tag_checks
diff --git a/lib/gitlab/encoding_helper.rb b/lib/gitlab/encoding_helper.rb
index 99240f2ad48..b080cb197d4 100644
--- a/lib/gitlab/encoding_helper.rb
+++ b/lib/gitlab/encoding_helper.rb
@@ -152,8 +152,6 @@ module Gitlab
 message.delete_prefix(BOM_UTF8)
 end
 
- private
-
 def force_encode_utf8(message)
 raise ArgumentError unless message.respond_to?(:force_encoding)
 return message if message.encoding == Encoding::UTF_8 && message.valid_encoding?
@@ -163,6 +161,8 @@ module Gitlab
 message.force_encoding("UTF-8")
 end
 
+ private
+
 # Escapes \x80 - \xFF characters not supported by UTF-8
 def escape_chars(char)
 bytes = char.bytes |
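Review bot: The added encoding check passes `tag_name` itself to `force_encode_utf8`, whose last visible line is `message.force_encoding("UTF-8")`, so a non-frozen tag name may have its encoding label changed in place as a side effect of validation. Unless the helper lines not shown here already copy the string, I would validate a copy instead: `unless Gitlab::EncodingHelper.force_encode_utf8(tag_name.dup).valid_encoding?`. The rejection is also gated on `Feature.enabled?(:prohibited_tag_name_encoding_check, project)`, so with the flag off, tag names holding invalid byte sequences are still accepted; a short comment marking this as a rollout gate would make that explicit. The enclosing method starts before this hunk.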
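Review bot: `force_encode_utf8` stops being private in the first `encoding_helper.rb` hunk, but it carries no comment describing its contract for outside callers. From the visible lines it raises `ArgumentError` for objects without `force_encoding` and otherwise relabels the bytes as UTF-8 rather than transcoding them, so the returned string can still be invalid. I would add above the `def`: `# Relabels message as UTF-8 without transcoding; the result may be invalid, so callers must check valid_encoding?.` The method body continues past the end of that hunk, so the in-place behaviour should be confirmed against the lines not shown.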