@@ -657,6 +657,7 @@ and must be in canonical form. That is it must not:
The root of the tree can be represented by a quoted empty string (`""`)
as `<path>`.
+`<path>` cannot contain NUL, either literally or escaped as `\000`.
It is recommended that `<path>` always be encoded using UTF-8.
`filedelete`
@@ -2283,6 +2283,8 @@ static void parse_path(struct strbuf *sb, const char *p, const char **endp, int
if (*p == '"') {
if (unquote_c_style(sb, p, endp))
die("Invalid %s: %s", field, command_buf.buf);
+ if (strlen(sb->buf) != sb->len)
+ die("NUL in %s: %s", field, command_buf.buf);
} else {
if (allow_spaces)
*endp = p + strlen(p);
@@ -3285,6 +3285,7 @@ test_path_fail () {
test_path_base_fail () {
test_path_fail 'unclosed " in '"$field" '"hello.c' "Invalid $field"
test_path_fail "invalid escape in quoted $field" '"hello\xff"' "Invalid $field"
+ test_path_fail "escaped NUL in quoted $field" '"hello\000"' "NUL in $field"
}
test_path_eol_quoted_fail () {
test_path_base_fail
NUL cannot appear in paths. Even disregarding filesystem path limitations, the tree object format delimits with NUL, so such a path cannot be encoded by Git. When a quoted path is unquoted, it could possibly contain NUL from "\000". Forbid it so it isn't truncated. fast-import still has other issues with NUL, but those will be addressed later. Signed-off-by: Thalia Archibald <thalia@archibald.dev> --- Documentation/git-fast-import.txt | 1 + builtin/fast-import.c | 2 ++ t/t9300-fast-import.sh | 1 + 3 files changed, 4 insertions(+)