diff options
| author |  Erik Faye-Lund <kusmabite@gmail.com> | 2011-05-27 18:00:40 +0200 |
|---|---|---|
| committer |  Junio C Hamano <gitster@pobox.com> | 2011-05-27 10:59:18 -0700 |
| commit | 56948cb6aa8189e3b77c700119d179172e0f8c4a (patch) | |
| tree | 72aedbd05bfbe0621077b69aa846b4c95ba23170 /Documentation/git-init.txt | |
| parent | real_path: do not assume '/' is the path seperator (diff) | |
| download | tgif-56948cb6aa8189e3b77c700119d179172e0f8c4a.tar.xz | |
verify_path: consider dos drive prefix
If someone manage to create a repo with a 'C:' entry in the
root-tree, files can be written outside of the working-dir. This
opens up a can-of-worms of exploits.
Fix it by explicitly checking for a dos drive prefix when verifying
a paht. While we're at it, make sure that paths beginning with '\' is
considered absolute as well.
Noticed-by: Theo Niessink <theo@taletn.com>
Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'Documentation/git-init.txt')
0 files changed, 0 insertions, 0 deletions