Expand description
Git-compatible verification of tree/index path components.
Ports Git’s verify_path() / verify_dotfile() (read-cache.c) plus the
HFS+ and NTFS .git equivalence checks from path.c. These guard against
malicious trees whose entries name .git (or a filesystem-folding alias of
it) and would otherwise let a checkout/clone write into the repository’s
own .git directory (CVE-2014-9390).
The same primitives are used both when reading a tree into the index
(read-tree) and when writing index entries out to the working tree
(checkout), so that the byte-writing path is protected even if a crafted
tree bypassed read-tree.
Structs§
- Path
Protection - Path protection settings from
core.protectHFS/core.protectNTFS.
Functions§
- verify_
path - Verify every
/-separated component ofpathis safe to materialize. - verify_
path_ component - Check whether a single path component (file or directory name) is forbidden.