Commit 34b6cb8bb ("http-backend: Protect GIT_PROJECT_ROOT from /../ requests") added the path_info helper function to test t5560 but did not use it. We should use it as it provides another level of error checking. The /etc/.../passwd case is one that is not special (and the test fails for reasons other than being aliased), so we remove that test case. Also rename the function from 'path_info' to 'expect_aliased'. Acked-by: Shawn O. Pearce <spearce@xxxxxxxxxxx> Signed-off-by: Tarmigan Casebolt <tarmigan+git@xxxxxxxxx> --- One thing to note is that expect_aliased 0 /repo.git/HEAD test still does not actually test any results back from http-backend, but that's also how it was before as well. --- t/t5560-http-backend.sh | 21 ++++++++++----------- 1 files changed, 10 insertions(+), 11 deletions(-) diff --git a/t/t5560-http-backend.sh b/t/t5560-http-backend.sh index 04a9896..0e4dc4b 100755 --- a/t/t5560-http-backend.sh +++ b/t/t5560-http-backend.sh @@ -162,15 +162,15 @@ test_expect_success 'http.receivepack false' ' run_backend() { REQUEST_METHOD=GET \ GIT_PROJECT_ROOT="$HTTPD_DOCUMENT_ROOT_PATH" \ - PATH_INFO="$2" \ + PATH_INFO="$1" \ git http-backend >act.out 2>act.err } -path_info() { +expect_aliased() { if test $1 = 0; then run_backend "$2" else - test_must_fail run_backend "$2" && + run_backend "$2" && echo "fatal: '$2': aliased" >exp.err && test_cmp exp.err act.err fi @@ -179,15 +179,14 @@ path_info() { test_expect_success 'http-backend blocks bad PATH_INFO' ' config http.getanyfile true && - run_backend 0 /repo.git/HEAD && + expect_aliased 0 /repo.git/HEAD && - run_backend 1 /repo.git/../HEAD && - run_backend 1 /../etc/passwd && - run_backend 1 ../etc/passwd && - run_backend 1 /etc//passwd && - run_backend 1 /etc/./passwd && - run_backend 1 /etc/.../passwd && - run_backend 1 //domain/data.txt + expect_aliased 1 /repo.git/../HEAD && + expect_aliased 1 /../etc/passwd && + expect_aliased 1 ../etc/passwd && + expect_aliased 1 /etc//passwd && + expect_aliased 1 /etc/./passwd && + expect_aliased 1 //domain/data.txt ' cat >exp <<EOF -- 1.6.6.236.gc56f3 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html