Browse code
Merge pull request #38944 from andrewhsu/gitutils
gitutils: add validation for ref
Sebastiaan van Stijn authored on 2019/03/27 10:03:47Showing 2 changed files
| ... | ... |
@@ -102,6 +102,11 @@ func parseRemoteURL(remoteURL string) (gitRepo, error) {
|
| 102 | 102 |
u.Fragment = "" |
| 103 | 103 |
repo.remote = u.String() |
| 104 | 104 |
} |
| 105 |
+ |
|
| 106 |
+ if strings.HasPrefix(repo.ref, "-") {
|
|
| 107 |
+ return gitRepo{}, errors.Errorf("invalid refspec: %s", repo.ref)
|
|
| 108 |
+ } |
|
| 109 |
+ |
|
| 105 | 110 |
return repo, nil |
| 106 | 111 |
} |
| 107 | 112 |
|
| ... | ... |
@@ -124,7 +129,7 @@ func fetchArgs(remoteURL string, ref string) []string {
|
| 124 | 124 |
args = append(args, "--depth", "1") |
| 125 | 125 |
} |
| 126 | 126 |
|
| 127 |
- return append(args, "origin", ref) |
|
| 127 |
+ return append(args, "origin", "--", ref) |
|
| 128 | 128 |
} |
| 129 | 129 |
|
| 130 | 130 |
// Check if a given git URL supports a shallow git clone, |
| ... | ... |
@@ -59,7 +59,7 @@ func TestCloneArgsSmartHttp(t *testing.T) {
|
| 59 | 59 |
}) |
| 60 | 60 |
|
| 61 | 61 |
args := fetchArgs(serverURL.String(), "master") |
| 62 |
- exp := []string{"fetch", "--depth", "1", "origin", "master"}
|
|
| 62 |
+ exp := []string{"fetch", "--depth", "1", "origin", "--", "master"}
|
|
| 63 | 63 |
assert.Check(t, is.DeepEqual(exp, args)) |
| 64 | 64 |
} |
| 65 | 65 |
|
| ... | ... |
@@ -75,13 +75,13 @@ func TestCloneArgsDumbHttp(t *testing.T) {
|
| 75 | 75 |
}) |
| 76 | 76 |
|
| 77 | 77 |
args := fetchArgs(serverURL.String(), "master") |
| 78 |
- exp := []string{"fetch", "origin", "master"}
|
|
| 78 |
+ exp := []string{"fetch", "origin", "--", "master"}
|
|
| 79 | 79 |
assert.Check(t, is.DeepEqual(exp, args)) |
| 80 | 80 |
} |
| 81 | 81 |
|
| 82 | 82 |
func TestCloneArgsGit(t *testing.T) {
|
| 83 | 83 |
args := fetchArgs("git://github.com/docker/docker", "master")
|
| 84 |
- exp := []string{"fetch", "--depth", "1", "origin", "master"}
|
|
| 84 |
+ exp := []string{"fetch", "--depth", "1", "origin", "--", "master"}
|
|
| 85 | 85 |
assert.Check(t, is.DeepEqual(exp, args)) |
| 86 | 86 |
} |
| 87 | 87 |
|
| ... | ... |
@@ -276,3 +276,18 @@ func TestValidGitTransport(t *testing.T) {
|
| 276 | 276 |
} |
| 277 | 277 |
} |
| 278 | 278 |
} |
| 279 |
+ |
|
| 280 |
+func TestGitInvalidRef(t *testing.T) {
|
|
| 281 |
+ gitUrls := []string{
|
|
| 282 |
+ "git://github.com/moby/moby#--foo bar", |
|
| 283 |
+ "git@github.com/moby/moby#--upload-pack=sleep;:", |
|
| 284 |
+ "git@g.com:a/b.git#-B", |
|
| 285 |
+ "git@g.com:a/b.git#with space", |
|
| 286 |
+ } |
|
| 287 |
+ |
|
| 288 |
+ for _, url := range gitUrls {
|
|
| 289 |
+ _, err := Clone(url) |
|
| 290 |
+ assert.Assert(t, err != nil) |
|
| 291 |
+ assert.Check(t, is.Contains(strings.ToLower(err.Error()), "invalid refspec")) |
|
| 292 |
+ } |
|
| 293 |
+} |