[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-patch] [PATCH] do not validate target name when it is specified
|
From: |
Andreas Gruenbacher |
|
Subject: |
Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line |
|
Date: |
Thu, 17 Feb 2011 08:52:51 +0100 |
|
User-agent: |
KMail/1.13.5 (Linux/2.6.34.7-0.4-desktop; KDE/4.4.4; x86_64; ; ) |
On Wednesday 16 February 2011 18:03:21 Jim Meyering wrote:
> Here's a better patch.
Nice. Now we can suppress warnings for equal filenames too for even fewer
confusing warnings. Here is your last patch + some coding style changes +
actually comparing filenames + test case.
Thanks,
Andreas
diff --git a/src/pch.c b/src/pch.c
index 41c15b6..1fd3848 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -379,11 +379,18 @@ skip_hex_digits (char const *str)
static bool
name_is_valid (char const *name)
{
- const char *n = name;
+ static char const *bad[2];
+ char const *n;
+
+ if (bad[0] && ! strcmp (bad[0], name))
+ return false;
+ if (bad[1] && ! strcmp (bad[1], name))
+ return false;
if (IS_ABSOLUTE_FILE_NAME (name))
{
say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
+ bad[!! bad[0]] = name;
return false;
}
for (n = name; *n; )
@@ -391,6 +398,7 @@ name_is_valid (char const *name)
if (*n == '.' && *++n == '.' && ( ! *++n || ISSLASH (*n)))
{
say ("Ignoring potentially dangerous file name %s\n", quotearg
(name));
+ bad[!! bad[0]] = name;
return false;
}
while (*n && ! ISSLASH (*n))
diff --git a/tests/bad-filenames b/tests/bad-filenames
index 0bc23eb..e1b9e92 100644
--- a/tests/bad-filenames
+++ b/tests/bad-filenames
@@ -114,3 +114,27 @@ echo 1 > g
check 'patch -f -p1 --dry-run < d.diff || echo status: $?' <<EOF
patching file g
EOF
+
+mkdir d
+cd d
+cat > d.diff <<EOF
+--- ../h
++++ ../h
+@@ -0,0 +1 @@
++x
+EOF
+
+touch ../h
+check 'patch -f -p0 < d.diff || echo status: $?' <<EOF
+Ignoring potentially dangerous file name ../h
+can't find file to patch at input line 3
+Perhaps you used the wrong -p or --strip option?
+The text leading up to this was:
+--------------------------
+|--- ../h
+|+++ ../h
+--------------------------
+No file to patch. Skipping patch.
+1 out of 1 hunk ignored
+status: 1
+EOF
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, (continued)
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Jim Meyering, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Andreas Gruenbacher, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Jim Meyering, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Andreas Gruenbacher, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Jim Meyering, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Andreas Gruenbacher, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Jim Meyering, 2011/02/16
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line,
Andreas Gruenbacher <=
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Jim Meyering, 2011/02/17
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Andreas Gruenbacher, 2011/02/17
- Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line, Jim Meyering, 2011/02/17