diff options
author | Ahmad Hassan <ahmad.hassan612@gmail.com> | 2018-07-17 15:12:29 +0200 |
---|---|---|
committer | Ahmad Hassan <ahmad.hassan612@gmail.com> | 2018-07-19 12:23:46 +0200 |
commit | 8ea9c81593bd43f38bcafc0ca18408889970cbd6 (patch) | |
tree | bebe6c1d314b402a2940f3bccce9fa9cc49ef8bb | |
parent | 59b82fbcd48108682d58426975b581800672ca28 (diff) | |
download | gitlab-ce-8ea9c81593bd43f38bcafc0ca18408889970cbd6.tar.gz |
Use rugged to validate ref name
-rw-r--r-- | lib/gitlab/git_ref_validator.rb | 8 | ||||
-rwxr-xr-x | scripts/lint-rugged | 5 |
2 files changed, 8 insertions, 5 deletions
diff --git a/lib/gitlab/git_ref_validator.rb b/lib/gitlab/git_ref_validator.rb index 2e3e4fc3f1f..40636fb204e 100644 --- a/lib/gitlab/git_ref_validator.rb +++ b/lib/gitlab/git_ref_validator.rb @@ -7,11 +7,11 @@ module Gitlab # # Returns true for a valid reference name, false otherwise def validate(ref_name) - return false if ref_name.start_with?('refs/heads/') - return false if ref_name.start_with?('refs/remotes/') + not_allowed_prefixes = %w(refs/heads/ refs/remotes/ -) + return false if ref_name.start_with?(*not_allowed_prefixes) + return false if ref_name == 'HEAD' - Gitlab::Utils.system_silent( - %W(#{Gitlab.config.git.bin_path} check-ref-format --branch #{ref_name})) + Rugged::Reference.valid_name? "refs/heads/#{ref_name}" end end end diff --git a/scripts/lint-rugged b/scripts/lint-rugged index cabd083e9f9..d0c2c544c47 100755 --- a/scripts/lint-rugged +++ b/scripts/lint-rugged @@ -14,7 +14,10 @@ ALLOWED = [ 'lib/tasks/gitlab/cleanup.rake', # The only place where Rugged code is still allowed in production - 'lib/gitlab/git/' + 'lib/gitlab/git/', + + # Needed to avoid using the git binary to validate a branch name + 'lib/gitlab/git_ref_validator.rb' ].freeze rugged_lines = IO.popen(%w[git grep -i -n rugged -- app config lib], &:read).lines |