Commit 3da1f37d authored by Michael Haggerty's avatar Michael Haggerty

ref_transaction_update(): check refname_is_safe() at a minimum

If the user has asked that a new value be set for a reference, we use
check_refname_format() to verify that the reference name satisfies all
of the rules. But in other cases, at least check that refname_is_safe().
Signed-off-by: default avatarMichael Haggerty <[email protected]>
parent e76e0d41
......@@ -805,8 +805,9 @@ int ref_transaction_update(struct ref_transaction *transaction,
{
assert(err);
if (new_sha1 && !is_null_sha1(new_sha1) &&
check_refname_format(refname, REFNAME_ALLOW_ONELEVEL)) {
if ((new_sha1 && !is_null_sha1(new_sha1)) ?
check_refname_format(refname, REFNAME_ALLOW_ONELEVEL) :
!refname_is_safe(refname)) {
strbuf_addf(err, "refusing to update ref with bad name '%s'",
refname);
return -1;
......
......@@ -23,7 +23,7 @@ test_expect_success setup '
m=refs/heads/master
n_dir=refs/heads/gu
n=$n_dir/fixes
outside=foo
outside=refs/foo
test_expect_success \
"create $m" \
......
......@@ -285,7 +285,7 @@ test_expect_success 'update-ref -d cannot delete non-ref in .git dir' '
echo precious >expect &&
test_must_fail git update-ref -d my-private-file >output 2>error &&
test_must_be_empty output &&
test_i18ngrep -e "cannot lock .*: unable to resolve reference" error &&
test_i18ngrep -e "refusing to update ref with bad name" error &&
test_cmp expect .git/my-private-file
'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment