summaryrefslogtreecommitdiff
path: root/t
diff options
context:
space:
mode:
authorLibravatar Johannes Schindelin <johannes.schindelin@gmx.de>2019-08-28 12:22:17 +0200
committerLibravatar Johannes Schindelin <johannes.schindelin@gmx.de>2019-12-05 15:36:51 +0100
commit91bd46588e6959e6903e275f78b10bd07830d547 (patch)
tree00b0bb3ed0584501a3638e7eaaf28d29bc792cf6 /t
parentpath: safeguard `.git` against NTFS Alternate Streams Accesses (diff)
downloadtgif-91bd46588e6959e6903e275f78b10bd07830d547.tar.xz
path: also guard `.gitmodules` against NTFS Alternate Data Streams
We just safe-guarded `.git` against NTFS Alternate Data Stream-related attack vectors, and now it is time to do the same for `.gitmodules`. Note: In the added regression test, we refrain from verifying all kinds of variations between short names and NTFS Alternate Data Streams: as the new code disallows _all_ Alternate Data Streams of `.gitmodules`, it is enough to test one in order to know that all of them are guarded against. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Diffstat (limited to 't')
-rwxr-xr-xt/t0060-path-utils.sh7
1 files changed, 6 insertions, 1 deletions
diff --git a/t/t0060-path-utils.sh b/t/t0060-path-utils.sh
index 3f3357ed9f..2b8589e921 100755
--- a/t/t0060-path-utils.sh
+++ b/t/t0060-path-utils.sh
@@ -408,6 +408,9 @@ test_expect_success 'match .gitmodules' '
~1000000 \
~9999999 \
\
+ .gitmodules:\$DATA \
+ "gitmod~4 . :\$DATA" \
+ \
--not \
".gitmodules x" \
".gitmodules .x" \
@@ -432,7 +435,9 @@ test_expect_success 'match .gitmodules' '
\
GI7EB~1 \
GI7EB~01 \
- GI7EB~1X
+ GI7EB~1X \
+ \
+ .gitmodules,:\$DATA
'
test_done