Commit 55d31e16 authored by Jay Conrod's avatar Jay Conrod

cmd/go: add '--' before repository names when invoking vcs tools

Also, in 'go get' in GOPATH mode, report an error for package paths
that start with '-'.

Change-Id: Ic2575381aa2d093ba15c53b893bf2eaded8b6066
Reviewed-on: https://go-review.googlesource.com/c/go/+/181237
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: default avatarDmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: default avatarBryan C. Mills <bcmills@google.com>
parent b388d686
...@@ -41,6 +41,9 @@ func checkPath(path string, fileName bool) error { ...@@ -41,6 +41,9 @@ func checkPath(path string, fileName bool) error {
if path == "" { if path == "" {
return fmt.Errorf("empty string") return fmt.Errorf("empty string")
} }
if path[0] == '-' {
return fmt.Errorf("leading dash")
}
if strings.Contains(path, "..") { if strings.Contains(path, "..") {
return fmt.Errorf("double dot") return fmt.Errorf("double dot")
} }
......
...@@ -112,7 +112,7 @@ var vcsHg = &vcsCmd{ ...@@ -112,7 +112,7 @@ var vcsHg = &vcsCmd{
name: "Mercurial", name: "Mercurial",
cmd: "hg", cmd: "hg",
createCmd: []string{"clone -U {repo} {dir}"}, createCmd: []string{"clone -U -- {repo} {dir}"},
downloadCmd: []string{"pull"}, downloadCmd: []string{"pull"},
// We allow both tag and branch names as 'tags' // We allow both tag and branch names as 'tags'
...@@ -128,7 +128,7 @@ var vcsHg = &vcsCmd{ ...@@ -128,7 +128,7 @@ var vcsHg = &vcsCmd{
tagSyncDefault: []string{"update default"}, tagSyncDefault: []string{"update default"},
scheme: []string{"https", "http", "ssh"}, scheme: []string{"https", "http", "ssh"},
pingCmd: "identify {scheme}://{repo}", pingCmd: "identify -- {scheme}://{repo}",
remoteRepo: hgRemoteRepo, remoteRepo: hgRemoteRepo,
} }
...@@ -145,7 +145,7 @@ var vcsGit = &vcsCmd{ ...@@ -145,7 +145,7 @@ var vcsGit = &vcsCmd{
name: "Git", name: "Git",
cmd: "git", cmd: "git",
createCmd: []string{"clone {repo} {dir}", "-go-internal-cd {dir} submodule update --init --recursive"}, createCmd: []string{"clone -- {repo} {dir}", "-go-internal-cd {dir} submodule update --init --recursive"},
downloadCmd: []string{"pull --ff-only", "submodule update --init --recursive"}, downloadCmd: []string{"pull --ff-only", "submodule update --init --recursive"},
tagCmd: []tagCmd{ tagCmd: []tagCmd{
...@@ -165,7 +165,7 @@ var vcsGit = &vcsCmd{ ...@@ -165,7 +165,7 @@ var vcsGit = &vcsCmd{
tagSyncDefault: []string{"submodule update --init --recursive"}, tagSyncDefault: []string{"submodule update --init --recursive"},
scheme: []string{"git", "https", "http", "git+ssh", "ssh"}, scheme: []string{"git", "https", "http", "git+ssh", "ssh"},
pingCmd: "ls-remote {scheme}://{repo}", pingCmd: "ls-remote -- {scheme}://{repo}",
remoteRepo: gitRemoteRepo, remoteRepo: gitRemoteRepo,
} }
...@@ -222,7 +222,7 @@ var vcsBzr = &vcsCmd{ ...@@ -222,7 +222,7 @@ var vcsBzr = &vcsCmd{
name: "Bazaar", name: "Bazaar",
cmd: "bzr", cmd: "bzr",
createCmd: []string{"branch {repo} {dir}"}, createCmd: []string{"branch -- {repo} {dir}"},
// Without --overwrite bzr will not pull tags that changed. // Without --overwrite bzr will not pull tags that changed.
// Replace by --overwrite-tags after http://pad.lv/681792 goes in. // Replace by --overwrite-tags after http://pad.lv/681792 goes in.
...@@ -233,7 +233,7 @@ var vcsBzr = &vcsCmd{ ...@@ -233,7 +233,7 @@ var vcsBzr = &vcsCmd{
tagSyncDefault: []string{"update -r revno:-1"}, tagSyncDefault: []string{"update -r revno:-1"},
scheme: []string{"https", "http", "bzr", "bzr+ssh"}, scheme: []string{"https", "http", "bzr", "bzr+ssh"},
pingCmd: "info {scheme}://{repo}", pingCmd: "info -- {scheme}://{repo}",
remoteRepo: bzrRemoteRepo, remoteRepo: bzrRemoteRepo,
resolveRepo: bzrResolveRepo, resolveRepo: bzrResolveRepo,
} }
...@@ -284,14 +284,14 @@ var vcsSvn = &vcsCmd{ ...@@ -284,14 +284,14 @@ var vcsSvn = &vcsCmd{
name: "Subversion", name: "Subversion",
cmd: "svn", cmd: "svn",
createCmd: []string{"checkout {repo} {dir}"}, createCmd: []string{"checkout -- {repo} {dir}"},
downloadCmd: []string{"update"}, downloadCmd: []string{"update"},
// There is no tag command in subversion. // There is no tag command in subversion.
// The branch information is all in the path names. // The branch information is all in the path names.
scheme: []string{"https", "http", "svn", "svn+ssh"}, scheme: []string{"https", "http", "svn", "svn+ssh"},
pingCmd: "info {scheme}://{repo}", pingCmd: "info -- {scheme}://{repo}",
remoteRepo: svnRemoteRepo, remoteRepo: svnRemoteRepo,
} }
...@@ -334,7 +334,7 @@ var vcsFossil = &vcsCmd{ ...@@ -334,7 +334,7 @@ var vcsFossil = &vcsCmd{
name: "Fossil", name: "Fossil",
cmd: "fossil", cmd: "fossil",
createCmd: []string{"-go-internal-mkdir {dir} clone {repo} " + filepath.Join("{dir}", fossilRepoName), "-go-internal-cd {dir} open .fossil"}, createCmd: []string{"-go-internal-mkdir {dir} clone -- {repo} " + filepath.Join("{dir}", fossilRepoName), "-go-internal-cd {dir} open .fossil"},
downloadCmd: []string{"up"}, downloadCmd: []string{"up"},
tagCmd: []tagCmd{{"tag ls", `(.*)`}}, tagCmd: []tagCmd{{"tag ls", `(.*)`}},
......
...@@ -80,7 +80,7 @@ func newGitRepo(remote string, localOK bool) (Repo, error) { ...@@ -80,7 +80,7 @@ func newGitRepo(remote string, localOK bool) (Repo, error) {
// but this lets us say git fetch origin instead, which // but this lets us say git fetch origin instead, which
// is a little nicer. More importantly, using a named remote // is a little nicer. More importantly, using a named remote
// avoids a problem with Git LFS. See golang.org/issue/25605. // avoids a problem with Git LFS. See golang.org/issue/25605.
if _, err := Run(r.dir, "git", "remote", "add", "origin", r.remote); err != nil { if _, err := Run(r.dir, "git", "remote", "add", "origin", "--", r.remote); err != nil {
os.RemoveAll(r.dir) os.RemoveAll(r.dir)
return nil, err return nil, err
} }
...@@ -123,6 +123,8 @@ type gitRepo struct { ...@@ -123,6 +123,8 @@ type gitRepo struct {
statCache par.Cache statCache par.Cache
refsOnce sync.Once refsOnce sync.Once
// refs maps branch and tag refs (e.g., "HEAD", "refs/heads/master")
// to commits (e.g., "37ffd2e798afde829a34e8955b716ab730b2a6d6")
refs map[string]string refs map[string]string
refsErr error refsErr error
...@@ -407,7 +409,7 @@ func (r *gitRepo) fetchUnshallow(refSpecs ...string) error { ...@@ -407,7 +409,7 @@ func (r *gitRepo) fetchUnshallow(refSpecs ...string) error {
// statLocal returns a RevInfo describing rev in the local git repository. // statLocal returns a RevInfo describing rev in the local git repository.
// It uses version as info.Version. // It uses version as info.Version.
func (r *gitRepo) statLocal(version, rev string) (*RevInfo, error) { func (r *gitRepo) statLocal(version, rev string) (*RevInfo, error) {
out, err := Run(r.dir, "git", "-c", "log.showsignature=false", "log", "-n1", "--format=format:%H %ct %D", rev) out, err := Run(r.dir, "git", "-c", "log.showsignature=false", "log", "-n1", "--format=format:%H %ct %D", rev, "--")
if err != nil { if err != nil {
return nil, fmt.Errorf("unknown revision %s", rev) return nil, fmt.Errorf("unknown revision %s", rev)
} }
......
...@@ -143,7 +143,7 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -143,7 +143,7 @@ var vcsCmds = map[string]*vcsCmd{
"hg": { "hg": {
vcs: "hg", vcs: "hg",
init: func(remote string) []string { init: func(remote string) []string {
return []string{"hg", "clone", "-U", remote, "."} return []string{"hg", "clone", "-U", "--", remote, "."}
}, },
tags: func(remote string) []string { tags: func(remote string) []string {
return []string{"hg", "tags", "-q"} return []string{"hg", "tags", "-q"}
...@@ -168,7 +168,7 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -168,7 +168,7 @@ var vcsCmds = map[string]*vcsCmd{
if subdir != "" { if subdir != "" {
pattern = []string{"-I", subdir + "/**"} pattern = []string{"-I", subdir + "/**"}
} }
return str.StringList("hg", "archive", "-t", "zip", "--no-decode", "-r", rev, "--prefix=prefix/", pattern, target) return str.StringList("hg", "archive", "-t", "zip", "--no-decode", "-r", rev, "--prefix=prefix/", pattern, "--", target)
}, },
}, },
...@@ -176,7 +176,7 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -176,7 +176,7 @@ var vcsCmds = map[string]*vcsCmd{
vcs: "svn", vcs: "svn",
init: nil, // no local checkout init: nil, // no local checkout
tags: func(remote string) []string { tags: func(remote string) []string {
return []string{"svn", "list", strings.TrimSuffix(remote, "/trunk") + "/tags"} return []string{"svn", "list", "--", strings.TrimSuffix(remote, "/trunk") + "/tags"}
}, },
tagRE: re(`(?m)^(.*?)/?$`), tagRE: re(`(?m)^(.*?)/?$`),
statLocal: func(rev, remote string) []string { statLocal: func(rev, remote string) []string {
...@@ -184,12 +184,12 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -184,12 +184,12 @@ var vcsCmds = map[string]*vcsCmd{
if rev == "latest" { if rev == "latest" {
suffix = "" suffix = ""
} }
return []string{"svn", "log", "-l1", "--xml", remote + suffix} return []string{"svn", "log", "-l1", "--xml", "--", remote + suffix}
}, },
parseStat: svnParseStat, parseStat: svnParseStat,
latest: "latest", latest: "latest",
readFile: func(rev, file, remote string) []string { readFile: func(rev, file, remote string) []string {
return []string{"svn", "cat", remote + "/" + file + "@" + rev} return []string{"svn", "cat", "--", remote + "/" + file + "@" + rev}
}, },
// TODO: zip // TODO: zip
}, },
...@@ -197,7 +197,7 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -197,7 +197,7 @@ var vcsCmds = map[string]*vcsCmd{
"bzr": { "bzr": {
vcs: "bzr", vcs: "bzr",
init: func(remote string) []string { init: func(remote string) []string {
return []string{"bzr", "branch", "--use-existing-dir", remote, "."} return []string{"bzr", "branch", "--use-existing-dir", "--", remote, "."}
}, },
fetch: []string{ fetch: []string{
"bzr", "pull", "--overwrite-tags", "bzr", "pull", "--overwrite-tags",
...@@ -220,14 +220,14 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -220,14 +220,14 @@ var vcsCmds = map[string]*vcsCmd{
if subdir != "" { if subdir != "" {
extra = []string{"./" + subdir} extra = []string{"./" + subdir}
} }
return str.StringList("bzr", "export", "--format=zip", "-r", rev, "--root=prefix/", target, extra) return str.StringList("bzr", "export", "--format=zip", "-r", rev, "--root=prefix/", "--", target, extra)
}, },
}, },
"fossil": { "fossil": {
vcs: "fossil", vcs: "fossil",
init: func(remote string) []string { init: func(remote string) []string {
return []string{"fossil", "clone", remote, ".fossil"} return []string{"fossil", "clone", "--", remote, ".fossil"}
}, },
fetch: []string{"fossil", "pull", "-R", ".fossil"}, fetch: []string{"fossil", "pull", "-R", ".fossil"},
tags: func(remote string) []string { tags: func(remote string) []string {
...@@ -249,7 +249,7 @@ var vcsCmds = map[string]*vcsCmd{ ...@@ -249,7 +249,7 @@ var vcsCmds = map[string]*vcsCmd{
} }
// Note that vcsRepo.ReadZip below rewrites this command // Note that vcsRepo.ReadZip below rewrites this command
// to run in a different directory, to work around a fossil bug. // to run in a different directory, to work around a fossil bug.
return str.StringList("fossil", "zip", "-R", ".fossil", "--name", "prefix", extra, rev, target) return str.StringList("fossil", "zip", "-R", ".fossil", "--name", "prefix", extra, "--", rev, target)
}, },
}, },
} }
......
...@@ -169,6 +169,9 @@ func checkPath(path string, fileName bool) error { ...@@ -169,6 +169,9 @@ func checkPath(path string, fileName bool) error {
if path == "" { if path == "" {
return fmt.Errorf("empty string") return fmt.Errorf("empty string")
} }
if path[0] == '-' {
return fmt.Errorf("leading dash")
}
if strings.Contains(path, "..") { if strings.Contains(path, "..") {
return fmt.Errorf("double dot") return fmt.Errorf("double dot")
} }
......
...@@ -79,7 +79,7 @@ var checkPathTests = []struct { ...@@ -79,7 +79,7 @@ var checkPathTests = []struct {
{"/x.y/z", false, false, false}, {"/x.y/z", false, false, false},
{"x./z", false, false, false}, {"x./z", false, false, false},
{".x/z", false, false, true}, {".x/z", false, false, true},
{"-x/z", false, true, true}, {"-x/z", false, false, false},
{"x..y/z", false, false, false}, {"x..y/z", false, false, false},
{"x.y/z/../../w", false, false, false}, {"x.y/z/../../w", false, false, false},
{"x.y//z", false, false, false}, {"x.y//z", false, false, false},
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment