diff options
| author |  Johannes Schindelin <johannes.schindelin@gmx.de> | 2019-12-21 22:05:00 +0000 |
|---|---|---|
| committer |  Junio C Hamano <gitster@pobox.com> | 2019-12-21 16:09:06 -0800 |
| commit | 98d9b23e90510c5acafa2ebc9463cc2293f40df0 (patch) | |
| tree | e3a8a6f5fd7c0105c2deab442d05cd1ba2fd319b | |
| parent | Git 2.24.1 (diff) | |
| download | tgif-98d9b23e90510c5acafa2ebc9463cc2293f40df0.tar.xz | |
mingw: short-circuit the conversion of `/dev/null` to UTF-16
In the next commit, we want to disallow accessing any path that contains
any segment that is equivalent to `NUL`. In particular, we want to
disallow accessing `NUL` (e.g. to prevent any repository from being
checked out that contains a file called `NUL`, as that is not a valid
file name on Windows).
However, there are legitimate use cases within Git itself to write to
the Null device. As Git is really a Linux project, it does not abstract
that idea, though, but instead uses `/dev/null` to describe this
intention.
So let's side-step the validation _specifically_ in the case that we
want to write to (or read from) `/dev/null`, via a dedicated short-cut
in the code that skips the call to `validate_win32_path()`.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rw-r--r-- | compat/mingw.c | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/compat/mingw.c b/compat/mingw.c index bd24d913f9..03c4538ec8 100644 --- a/compat/mingw.c +++ b/compat/mingw.c @@ -484,16 +484,16 @@ int mingw_open (const char *filename, int oflags, ...) return -1; } - if (filename && !strcmp(filename, "/dev/null")) - filename = "nul"; - if ((oflags & O_APPEND) && !is_local_named_pipe_path(filename)) open_fn = mingw_open_append; else open_fn = _wopen; - if (xutftowcs_path(wfilename, filename) < 0) + if (filename && !strcmp(filename, "/dev/null")) + wcscpy(wfilename, L"nul"); + else if (xutftowcs_path(wfilename, filename) < 0) return -1; + fd = open_fn(wfilename, oflags, mode); if (fd < 0 && (oflags & O_ACCMODE) != O_RDONLY && errno == EACCES) { @@ -556,10 +556,13 @@ FILE *mingw_fopen (const char *filename, const char *otype) return NULL; } if (filename && !strcmp(filename, "/dev/null")) - filename = "nul"; - if (xutftowcs_path(wfilename, filename) < 0 || - xutftowcs(wotype, otype, ARRAY_SIZE(wotype)) < 0) + wcscpy(wfilename, L"nul"); + else if (xutftowcs_path(wfilename, filename) < 0) return NULL; + + if (xutftowcs(wotype, otype, ARRAY_SIZE(wotype)) < 0) + return NULL; + if (hide && !access(filename, F_OK) && set_hidden_flag(wfilename, 0)) { error("could not unhide %s", filename); return NULL; @@ -583,10 +586,13 @@ FILE *mingw_freopen (const char *filename, const char *otype, FILE *stream) return NULL; } if (filename && !strcmp(filename, "/dev/null")) - filename = "nul"; - if (xutftowcs_path(wfilename, filename) < 0 || - xutftowcs(wotype, otype, ARRAY_SIZE(wotype)) < 0) + wcscpy(wfilename, L"nul"); + else if (xutftowcs_path(wfilename, filename) < 0) return NULL; + + if (xutftowcs(wotype, otype, ARRAY_SIZE(wotype)) < 0) + return NULL; + if (hide && !access(filename, F_OK) && set_hidden_flag(wfilename, 0)) { error("could not unhide %s", filename); return NULL; |