init: Avoid autoenabling special remotes that have control characters in their names

I'm on the fence about this. Notice that pulling from a git remote can
pull branches that have escape sequences in their names. Git will
display those as-is. Arguably git should try harder to avoid that.

But, names of remotes are usually up to the local user, and autoenable
changes that, and so it makes sense that git chooses to display control
characters in names of remotes, and so autoenable needs to guard against
it.

Sponsored-by: Graham Spencer on Patreon
Joey Hess 2023-04-12 12:33:17 -04:00
parent de68e3dd4f
commit c50aa21d5f
GPG key ID: DB12DB0FF05F8F38
3 changed files with 16 additions and 5 deletions

@ -52,6 +52,9 @@ that, when outputting to a terminal?
Also: git-annex initremote with autoenable may be able to cause a remote
with a malicious name to be set up?
> Fixed this by silently skipping autoenable, which seems fine since only
> an attacker would ever try this.
Also: Any place that an exception is thrown with an attacker-controlled value.
`giveup` has been made to filter out control characters, but that leaves
other exceptions, including ones thrown by libraries. Catch all exceptions
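Review bot: Skipping silently, as the reply added under the initremote/autoenable item states, leaves the user with no indication that a remote was left out of autoenable or why. Consider emitting a warning at the skip, with the remote name passed through the same control-character filtering the following item describes for `giveup`, so the name can be shown safely. The reply would also be more useful as documentation if it said which characters are treated as control characters and where the check is made, since the todo text is the only description of the fix visible here.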