|
5 | 5 | # the BSD License: http://www.opensource.org/licenses/bsd-license.php |
6 | 6 |
|
7 | 7 | from itertools import chain |
| 8 | +from pathlib import Path |
8 | 9 |
|
9 | 10 | from git import ( |
10 | 11 | Reference, |
|
20 | 21 | from git.objects.tag import TagObject |
21 | 22 | from test.lib import TestBase, with_rw_repo |
22 | 23 | from git.util import Actor |
| 24 | +from gitdb.exc import BadName |
23 | 25 |
|
24 | 26 | import git.refs as refs |
25 | 27 | import os.path as osp |
| 28 | +import tempfile |
26 | 29 |
|
27 | 30 |
|
28 | 31 | class TestRefs(TestBase): |
@@ -616,3 +619,14 @@ def test_dereference_recursive(self): |
616 | 619 |
|
617 | 620 | def test_reflog(self): |
618 | 621 | assert isinstance(self.rorepo.heads.master.log(), RefLog) |
| 622 | + |
| 623 | + def test_refs_outside_repo(self): |
| 624 | + # Create a file containing a valid reference outside the repository. Attempting |
| 625 | + # to access it should raise an exception. This tests for CVE-2023-41040. |
| 626 | + git_dir = Path(self.rorepo.git_dir) |
| 627 | + repo_parent_dir = git_dir.parent.parent |
| 628 | + with tempfile.NamedTemporaryFile(dir=repo_parent_dir) as ref_file: |
| 629 | + ref_file.write(b"91b464cd624fe22fbf54ea22b85a7e5cca507cfe") |
| 630 | + ref_file.flush() |
| 631 | + ref_file_name = Path(ref_file.name).name |
| 632 | + self.assertRaises(BadName, self.rorepo.commit, f"../../{ref_file_name}") |
0 commit comments