git style filename quoting for giveup
When the filenames are part of the git repository or other files that might have attacker-controlled names, quote them in error messages. This is fairly complete, although I didn't do the one in Utility.DirWatcher.INotify.hs because that doesn't have access to Git.Filename or Annex. But it's also quite possible I missed some. And also while scanning for these, I found giveup used with other things that could be attacker controlled to contain control characters (eg Keys). So, I'm thinking it would also be good for giveup to just filter out control characters. This commit is then not the only line of defence, but just good formatting when git-annex displays a filename in an error message. Sponsored-by: Kevin Mueller on Patreon
This commit is contained in:
Joey Hess
parent
da83652c76
commit
063c00e4f7
8 changed files with 79 additions and 30 deletions
|
|
@ -13,6 +13,7 @@ module Git.Filename (
|
|||
quote,
|
||||
QuotePath(..),
|
||||
StringContainingQuotedPath(..),
|
||||
quotedPaths,
|
||||
prop_quote_unquote_roundtrip,
|
||||
) where
|
||||
|
||||
|
|
@ -73,6 +74,12 @@ data StringContainingQuotedPath
|
|||
| StringContainingQuotedPath :+: StringContainingQuotedPath
|
||||
deriving (Show, Eq)
|
||||
|
||||
quotedPaths :: [RawFilePath] -> StringContainingQuotedPath
|
||||
quotedPaths [] = mempty
|
||||
quotedPaths (p:ps) = QuotedPath p <> if null ps
|
||||
then mempty
|
||||
else " " <> quotedPaths ps
|
||||
|
||||
instance Quoteable StringContainingQuotedPath where
|
||||
quote _ (UnquotedString s) = encodeBS s
|
||||
quote qp (QuotedPath p) = quote qp p
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue