hgitaly 18.2.2__tar.gz → 18.2.3__tar.gz

{hgitaly-18.2.2/hgitaly.egg-info → hgitaly-18.2.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: hgitaly
-Version: 18.2.2
+Version: 18.2.3
 Summary: Server-side implementation of Gitaly protocol for Mercurial
 Home-page: https://foss.heptapod.net/heptapod/hgitaly
 Author: Georges Racinet

hgitaly-18.2.3/hgitaly/VERSION

@@ -0,0 +1 @@
+18.2.3

{hgitaly-18.2.2 → hgitaly-18.2.3}/hgitaly/service/operations.py

@@ -426,7 +426,9 @@ class OperationServicer(OperationServiceServicer, HGitalyServicer):
 
                     if header.action in (ActionType.CREATE,
                                          ActionType.UPDATE):
-                        content_handler = UserCommitFilesContent(wd, header)
+                        content_handler = UserCommitFilesContent(
+                            context, wd, header
+                        )
                     else:
                         content_handler = None
 
@@ -477,6 +479,31 @@ class OperationServicer(OperationServiceServicer, HGitalyServicer):
         )
 
 
+def validate_checkout_path(context, relpath):
+    # absolute paths are interpreted by Gitaly as relative to the
+    # root of checkout.
+    relpath = relpath.lstrip(b'/')
+
+    for p in FORBIDDEN_IN_PATHS:
+        if p in relpath:
+            relpath_str = relpath.decode('utf-8', 'surrogateescape')
+
+            if p == DIRECTORY_CLIMB_UP:
+                # ill-named by upstream
+                error_type = 'ERROR_TYPE_DIRECTORY_TRAVERSAL'
+                msg = 'Path cannot include directory traversal'
+            else:
+                error_type = 'ERROR_TYPE_INVALID_PATH'
+                msg = f'invalid path: "{relpath_str}"'
+
+            index_error(context,
+                        status_code='INVALID_ARGUMENT',
+                        error_type=error_type,
+                        msg=msg,
+                        path=relpath)
+    return relpath
+
+
 class UserCommitFilesAction:
 
     def __init__(self, context, header, working_dir, changed_files):
@@ -485,9 +512,8 @@ class UserCommitFilesAction:
         self.changed_files = changed_files
 
         wd = self.working_dir = working_dir
-        relpath = self.relpath = header.file_path
-        self.validate(relpath)
-        self.abspath = wd.file_path(relpath)
+        self.relpath = validate_checkout_path(context, header.file_path)
+        self.abspath = wd.file_path(self.relpath)
 
     def __call__(self):
         action = self.header.action
@@ -504,36 +530,6 @@ class UserCommitFilesAction:
         elif action == ActionType.CHMOD:
             return self.chmod()
 
-    def validate(self, relpath):
-        if os.path.isabs(relpath):
-            index_error(
-                self.context,
-                status_code='INVALID_ARGUMENT',
-                error_type='ERROR_TYPE_INVALID_PATH',
-                msg='absolute',
-                path=relpath,
-            )
-
-        for p in FORBIDDEN_IN_PATHS:
-            if p in relpath:
-                relpath_str = relpath.decode('utf-8', 'surrogateescape')
-
-                if p == DIRECTORY_CLIMB_UP:
-                    # ill-named by upstream
-                    error_type = 'ERROR_TYPE_DIRECTORY_TRAVERSAL'
-                    msg = 'Path cannot include directory traversal'
-                else:
-                    error_type = 'ERROR_TYPE_INVALID_PATH'
-                    msg = f'invalid path: "{relpath_str}"'
-
-                index_error(
-                    self.context,
-                    status_code='INVALID_ARGUMENT',
-                    error_type=error_type,
-                    msg=msg,
-                    path=relpath,
-                )
-
     def create(self):
         if os.path.exists(self.abspath):
             index_error(
@@ -600,8 +596,8 @@ class UserCommitFilesAction:
     def move(self):
         self.require_file_absence()
         abspath = self.abspath
-        prev_relpath = self.header.previous_path
-        self.validate(prev_relpath)
+        prev_relpath = validate_checkout_path(self.context,
+                                              self.header.previous_path)
         prev_abspath = self.working_dir.file_path(prev_relpath)
         self.require_file_existence(abspath=prev_abspath,
                                     relpath=prev_relpath)
@@ -636,8 +632,9 @@ class UserCommitFilesAction:
 
 class UserCommitFilesContent:
 
-    def __init__(self, workdir, header):
-        self.file_path = workdir.file_path(header.file_path)
+    def __init__(self, context, workdir, header):
+        relpath = validate_checkout_path(context, header.file_path)
+        self.file_path = workdir.file_path(relpath)
         self.fobj = open(self.file_path, 'wb')
         self.make_hg_executable = (header.action == ActionType.CREATE
                                    and header.execute_filemode)

{hgitaly-18.2.2 → hgitaly-18.2.3}/hgitaly/service/tests/test_operations.py

@@ -757,7 +757,7 @@ def test_user_commit_files(operations_fixture, tmpdir):
     assert exc_info.value.code() == StatusCode.ALREADY_EXISTS
 
     # invalid paths
-    for path in ('double//slash', '../../../good.joke', '/etc/shadow'):
+    for path in ('double//slash', '../../../good.joke'):
         with pytest.raises(RpcError) as exc_info:
             commit_files(
                 branch_name=gl_branch,
@@ -793,6 +793,21 @@ def test_user_commit_files(operations_fixture, tmpdir):
             )
         assert exc_info.value.code() == StatusCode.INVALID_ARGUMENT
 
+    # leading slash is interpreted as meaning the root of checkout
+    resp = commit_files(
+        branch_name=gl_branch,
+        commit_message=b'Deleted intopic',
+        actions=(dict(action=ActionType.CREATE,
+                      file_path=b'/etc/shadow',
+                      content=b"This is in repo!",
+                      ),
+                 )
+    )
+    hex11 = resp.branch_update.commit_id.encode()
+    wrapper.reload()
+    clone_pull_update(hex11)
+    assert (clone.path / 'etc/shadow').read_binary() == b"This is in repo!"
+
     # bogus request flows
     header_req = fixture.user_commit_files_header(
         branch_name=gl_other_branch,

{hgitaly-18.2.2 → hgitaly-18.2.3/hgitaly.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: hgitaly
-Version: 18.2.2
+Version: 18.2.3
 Summary: Server-side implementation of Gitaly protocol for Mercurial
 Home-page: https://foss.heptapod.net/heptapod/hgitaly
 Author: Georges Racinet

{hgitaly-18.2.2 → hgitaly-18.2.3}/tests_with_gitaly/test_operations.py

@@ -382,7 +382,7 @@ def test_compare_commit_files(comparison):
         branch_name=b'branch/default',
         tail_requests=ucf_actions(dict(
             action=ActionType.CREATE,
-            file_path=b'foo',
+            file_path=b'/foo',
             content=b'foo content')),
     )
 
@@ -498,8 +498,7 @@ def test_compare_commit_files(comparison):
         ))
     )
 
-    # invalid path (Gitaly does not reject absolute paths and actually
-    # seems to ignore them, thankfully)
+    # invalid path
     for path in ('double//slash', '../../../good.joke'):
         for action in ('CREATE', 'CREATE_DIR', 'CHMOD',
                        'UPDATE', 'DELETE', 'MOVE'):

hgitaly-18.2.2/hgitaly/VERSION

@@ -1 +0,0 @@
-18.2.2