[Dulwich-users] [PATCH v3 4/4] repo.Repo.get_named_file: check that file is really in git directory

Tay Ray Chuan Sun, 26 Dec 2010 08:17:29 -0800

---
 dulwich/repo.py |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)


diff --git a/dulwich/repo.py b/dulwich/repo.py
index b1ebd2a..6f58924 100644
--- a/dulwich/repo.py
+++ b/dulwich/repo.py
@@ -1139,7 +1139,13 @@ class Repo(BaseRepo):
         # TODO(dborowitz): sanitize filenames, since this is used directly by
         # the dumb web serving code.
         path = path.lstrip(os.path.sep)
-        path = _norm_path(os.path.join(self.controldir(), path))
+        parent = _norm_path(self.controldir())
+        path = _norm_path(os.path.join(parent, path))
+
+        # check that the file lies in the git directory
+        if not path.startswith(parent):
+            return None
+
         try:
             return open(path, 'rb')
         except (IOError, OSError), e:
-- 
1.7.3.2.msysgit.0


_______________________________________________
Mailing list: https://launchpad.net/~dulwich-users
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~dulwich-users
More help   : https://help.launchpad.net/ListHelp

[Dulwich-users] [PATCH v3 4/4] repo.Repo.get_named_file: check that file is really in git directory

Reply via email to