diff options
author | Jeff King <peff@peff.net> | 2017-07-28 15:25:45 -0400 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2017-07-28 15:51:56 -0700 |
commit | 2491f77b90c2e5d47acbe7472c17e7de0af74f63 (patch) | |
tree | ba20f55e5f188c839bb952f7b1a8428c370f9374 | |
parent | 2d90add5ad216807ec1433e5367fae730e74a4cb (diff) | |
download | git-2491f77b90c2e5d47acbe7472c17e7de0af74f63.tar.gz |
connect: factor out "looks like command line option" check
We reject hostnames that start with a dash because they may
be confused for command-line options. Let's factor out that
notion into a helper function, as we'll use it in more
places. And while it's simple now, it's not clear if some
systems might need more complex logic to handle all cases.
Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | cache.h | 8 | ||||
-rw-r--r-- | connect.c | 2 | ||||
-rw-r--r-- | path.c | 5 |
3 files changed, 14 insertions, 1 deletions
@@ -991,6 +991,14 @@ char *strip_path_suffix(const char *path, const char *suffix); int daemon_avoid_alias(const char *path); extern int is_ntfs_dotgit(const char *name); +/* + * Returns true iff "str" could be confused as a command-line option when + * passed to a sub-program like "ssh". Note that this has nothing to do with + * shell-quoting, which should be handled separately; we're assuming here that + * the string makes it verbatim to the sub-program. + */ +int looks_like_command_line_option(const char *str); + /** * Return a newly allocated string with the evaluation of * "$XDG_CONFIG_HOME/git/$filename" if $XDG_CONFIG_HOME is non-empty, otherwise @@ -754,7 +754,7 @@ struct child_process *git_connect(int fd[2], const char *url, return NULL; } - if (ssh_host[0] == '-') + if (looks_like_command_line_option(ssh_host)) die("strange hostname '%s' blocked", ssh_host); ssh = getenv("GIT_SSH_COMMAND"); @@ -1178,6 +1178,11 @@ int is_ntfs_dotgit(const char *name) } } +int looks_like_command_line_option(const char *str) +{ + return str && str[0] == '-'; +} + char *xdg_config_home(const char *filename) { const char *home, *config_home; |