![]() DirCacheCheckout and CanonicalTreeParser cooperate. CanonicalTreeParser can detect malformed, potentially malicious tree entries and sets a flag, while DirCacheCheckout refuses to work with such paths. Malicious tree entries are ".", "..", ".git" (case insensitive), any name containing '/' and (on Windows '\') and also (on Windows) any paths ending in a combination of '.' or space or containing a ':'. We also forbid all special names like "con" etc on Windows. Some of the test can execute on any platform by enabling partial platform emulation. A new runtime exception, InvalidPathException, is introduced. For backwards compatibility it extends InvalidArgumentException. Change-Id: I86199105814b63d4340e5de0e471d0da6b579ead Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> |
||
---|---|---|
.. | ||
.settings | ||
META-INF | ||
src/org/eclipse/jgit/junit | ||
.classpath | ||
.gitignore | ||
.project | ||
build.properties | ||
plugin.properties | ||
pom.xml |