e36c347ff9
`Rugged::Reference.valid_name?` used in `Gitlab::GitRefValidator.validate` fails on strings containing null bytes because it uses `StringValueCStr()`. Per https://silverhammermba.github.io/emberb/c/: Ruby’s String kinda corresponds to C’s char*. The simplest macro is StringValueCStr() which returns a null-terminated char* for a String. The problem here is that a Ruby String might contain nulls - in which case StringValueCStr() will raise an ArgumentError! Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54466
23 lines
644 B
Ruby
23 lines
644 B
Ruby
# frozen_string_literal: true
|
|
|
|
# Gitaly note: JV: does not need to be migrated, works without a repo.
|
|
|
|
module Gitlab
|
|
module GitRefValidator
|
|
extend self
|
|
# Validates a given name against the git reference specification
|
|
#
|
|
# Returns true for a valid reference name, false otherwise
|
|
def validate(ref_name)
|
|
not_allowed_prefixes = %w(refs/heads/ refs/remotes/ -)
|
|
return false if ref_name.start_with?(*not_allowed_prefixes)
|
|
return false if ref_name == 'HEAD'
|
|
|
|
begin
|
|
Rugged::Reference.valid_name?("refs/heads/#{ref_name}")
|
|
rescue ArgumentError
|
|
return false
|
|
end
|
|
end
|
|
end
|
|
end
|