[PATCH STABLE] subrepo: avoid false unsafe path detection on Windows
Yuya Nishihara
yuya at tcha.org
Wed Feb 6 06:54:02 EST 2019
On Tue, 05 Feb 2019 21:04:00 -0500, Matt Harbison wrote:
> # HG changeset patch
> # User Matt Harbison <matt_harbison at yahoo.com>
> # Date 1549417854 18000
> # Tue Feb 05 20:50:54 2019 -0500
> # Branch stable
> # Node ID 0e18c6ec895542394c0ad18c380bf3bbd4ba4d9b
> # Parent 8b2892d5a9f2c06c998c977015a9ad3e3a3c9b5f
> subrepo: avoid false unsafe path detection on Windows
>
> Subrepo paths are not normalized for the OS, so what was happening in the
> subsequent root path check was:
>
> root -> $TESTTMP\issue1852a\sub/repo
> util.expandpath(...) -> $TESTTMP\issue1852a\sub/repo
> os.path.realpath(...) -> $TESTTMP\issue1852a\sub\repo
Oops, my bad.
> diff --git a/mercurial/subrepo.py b/mercurial/subrepo.py
> --- a/mercurial/subrepo.py
> +++ b/mercurial/subrepo.py
> @@ -405,7 +405,7 @@ class hgsubrepo(abstractsubrepo):
> super(hgsubrepo, self).__init__(ctx, path)
> self._state = state
> r = ctx.repo()
> - root = r.wjoin(path)
> + root = os.path.realpath(r.wjoin(path))
Can we do r.wjoin(util.localpath(path)) instead? Even though symlinks and
".."s should be checked before, I want to avoid path resolution here for
extra safety.
What I'm not certain is whether realpath() does normalize long/short names
and lower/upper case stuff. os.path.realpath() appears to call
GetFullPathName() on Windows, and I guess it wouldn't do such normalization,
but I'm not sure.
https://docs.microsoft.com/en-us/windows/desktop/api/fileapi/nf-fileapi-getfullpathnamea
More information about the Mercurial-devel
mailing list