Code

verify_path: consider dos drive prefix
authorErik Faye-Lund <kusmabite@gmail.com>
Fri, 27 May 2011 16:00:40 +0000 (18:00 +0200)
committerJunio C Hamano <gitster@pobox.com>
Fri, 27 May 2011 17:59:18 +0000 (10:59 -0700)
commit56948cb6aa8189e3b77c700119d179172e0f8c4a
tree72aedbd05bfbe0621077b69aa846b4c95ba23170
parentd1c69255a1014ccaeb9841f2114e20f048556391
verify_path: consider dos drive prefix

If someone manage to create a repo with a 'C:' entry in the
root-tree, files can be written outside of the working-dir. This
opens up a can-of-worms of exploits.

Fix it by explicitly checking for a dos drive prefix when verifying
a paht. While we're at it, make sure that paths beginning with '\' is
considered absolute as well.

Noticed-by: Theo Niessink <theo@taletn.com>
Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
read-cache.c