From f3bb6531de8deef2900898fd751a8338d7315600 Mon Sep 17 00:00:00 2001 From: "Kyle J. McKay" Date: Fri, 29 Aug 2014 17:38:49 -0700 Subject: [PATCH] names: tighten up the requirements for project and user names Project and user names must now start with a letter or digit. Additionally the final component of a project name cannot end in '.' (non-final project name components have never allowed a trailing '.'). Project names have never been allowed to end in '.git' now that match is case insensitive. Additionally, so that a project name can potentially be used as part of a valid Git ref name, names now may not end in '.lock' (case insensitively) nor contain a '..' sequence either. Pre-existing projects that violate these restrictions will continue to be accessible and editable but no new projects that violate the new restrictions can be created. --- Girocco/Project.pm | 34 +++++++++++++++++++++++++++++++--- Girocco/User.pm | 2 +- cgi/regproj.cgi | 10 ++++++---- 3 files changed, 38 insertions(+), 8 deletions(-) diff --git a/Girocco/Project.pm b/Girocco/Project.pm index 6511c25..48e2d07 100644 --- a/Girocco/Project.pm +++ b/Girocco/Project.pm @@ -782,13 +782,41 @@ sub get_forkee_path { -d $forkee ? $forkee : ''; } +# Ultimately the full project/fork name could end up being part of a Git ref name +# when a project's forks are combined into one giant repository for efficiency. +# That means that the project/fork name must satisfy the Git ref name requirements: +# +# 1. Characters with an ASCII value less than or equal to 32 are not allowed +# 2. The character with an ASCII value of 0x7F is not allowed +# 3. The characters '~', '^', ':', '\', '*', '?', and '[' are not allowed +# 4. The character '/' is a separator and is not allowed within a name +# 5. The name may not start with '.' or end with '.' +# 6. The name may not end with '.lock' +# 7. The name may not contain the '..' sequence +# 8. The name may not contain the '@{' sequence +# 9. If multiple components are used (separated by '/'), no empty '' components +# +# We also prohibit a trailing '.git' on any path component and futher restrict +# the allowed characters to alphanumeric and [+._-] where names must start with +# an alphanumeric. +# +# The rules are relaxed slightly for existing projects (for now) to accomodate them. + sub _valid_name_characters { local $_ = $_[0]; - (not m#^/#) + my $relaxed = $_[1]; + (not m#^[/+._-]#) and (not m#//#) + and (not m#\.\.#) + and (not m#/[+._-]# or $relaxed) and (not m#\./#) + and (not m#\.$# or $relaxed) + and (not m#\.git/#i) + and (not m#\.git$#i) + and (not m#\.lock/#i) + and (not m#\.lock$#i) and (not m#/$#) - and m#^[a-zA-Z0-9+./_-]+$#; + and m#^[a-zA-Z0-9/+._-]+$#; } sub valid_name { @@ -804,7 +832,7 @@ sub does_exist { no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning my ($name, $nodie) = @_; my $okay = ( - _valid_name_characters($name) + _valid_name_characters($name, 1) and ((not $name =~ m#/#) or -d get_forkee_path($name) or -d $Girocco::Config::reporoot.'/'.get_forkee_name($name))); diff --git a/Girocco/User.pm b/Girocco/User.pm index 21ae21f..d00e637 100644 --- a/Girocco/User.pm +++ b/Girocco/User.pm @@ -396,7 +396,7 @@ sub remove { sub valid_name { $_ = $_[0]; - /^[a-zA-Z0-9+._-]+$/; + /^[a-zA-Z0-9][a-zA-Z0-9+._-]*$/; } sub does_exist { diff --git a/cgi/regproj.cgi b/cgi/regproj.cgi index c984159..63ca47f 100755 --- a/cgi/regproj.cgi +++ b/cgi/regproj.cgi @@ -56,12 +56,14 @@ if ($cgi->param('mode') && $y0 eq 'Register' && $cgi->request_method eq 'POST') if (Girocco::Project::valid_name($name)) { Girocco::Project::does_exist($name,1) and $gcgi->err("Project with the name '$name' already exists."); - $name =~ /\.git$/ - and $gcgi->err("Project name should not end with .git - I'll add that automagically."); } else { $validname = 0; - my $htmlname = html_esc($name); - $gcgi->err("Invalid project name \"$htmlname\" (contains bad characters or is a reserved project name)."); + if ($name =~ /^(.*)\.git$/i && Girocco::Project::valid_name($1)) { + $gcgi->err("Project name should not end with .git - I'll add that automagically."); + } else { + my $htmlname = html_esc($name); + $gcgi->err("Invalid project name \"$htmlname\" (contains bad characters or is a reserved project name)."); + } } my $check = $cgi->param('mail'); -- 2.11.4.GIT