diff options
| author |  Johannes Schindelin <johannes.schindelin@gmx.de> | 2019-08-28 12:22:17 +0200 |
|---|---|---|
| committer | Johannes Schindelin <johannes.schindelin@gmx.de> | 2019-12-05 15:36:51 +0100 |
| commit | 91bd46588e6959e6903e275f78b10bd07830d547 (patch) | |
| tree | 00b0bb3ed0584501a3638e7eaaf28d29bc792cf6 /t/t0060-path-utils.sh | |
| parent | path: safeguard `.git` against NTFS Alternate Streams Accesses (diff) | |
| download | tgif-91bd46588e6959e6903e275f78b10bd07830d547.tar.xz | |
path: also guard `.gitmodules` against NTFS Alternate Data Streams
We just safe-guarded `.git` against NTFS Alternate Data Stream-related
attack vectors, and now it is time to do the same for `.gitmodules`.
Note: In the added regression test, we refrain from verifying all kinds
of variations between short names and NTFS Alternate Data Streams: as
the new code disallows _all_ Alternate Data Streams of `.gitmodules`, it
is enough to test one in order to know that all of them are guarded
against.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Diffstat (limited to 't/t0060-path-utils.sh')
| -rwxr-xr-x | t/t0060-path-utils.sh | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/t/t0060-path-utils.sh b/t/t0060-path-utils.sh index 3f3357ed9f..2b8589e921 100755 --- a/t/t0060-path-utils.sh +++ b/t/t0060-path-utils.sh @@ -408,6 +408,9 @@ test_expect_success 'match .gitmodules' ' ~1000000 \ ~9999999 \ \ + .gitmodules:\$DATA \ + "gitmod~4 . :\$DATA" \ + \ --not \ ".gitmodules x" \ ".gitmodules .x" \ @@ -432,7 +435,9 @@ test_expect_success 'match .gitmodules' ' \ GI7EB~1 \ GI7EB~01 \ - GI7EB~1X + GI7EB~1X \ + \ + .gitmodules,:\$DATA ' test_done |