[darcs-users] [patch136] remove the hardcoded string "_darcs" in ... (and 1 more)

Trent W. Buck twb at cybersource.com.au
Thu Jan 14 03:28:29 UTC 2010


Petr Ročkai <bugs at darcs.net> writes:

> If someone managed to create patches referring to files under _darcs
> (by removing that _darcs entry from their boring file), I can only
> assume that BAD THINGS would happen.

Out of curiosity, I simulated such an attack:

    $ with-temp-dir
    with-temp-dir: entering directory `/tmp/with-temp-dir.n5DiqN'
    This directory will be deleted when you exit.
    $ darcs init
    $ date >x
    $ darcs rec -qlamx x
    Recording changes in "x":

    Finished recording patch 'x'
    $ darcs init --repo null
    $ darcs send --dont-sign --dont-edit -aox.dpatch null
    Creating patch to "/tmp/with-temp-dir.n5DiqN/null"...
    Wrote patch to /tmp/with-temp-dir.n5DiqN/x.dpatch.
    $ sed -i x.dpatch -e 's|./x|./_darcs/x|g' -e '/Patch bundle hash:/,$d'
    $ darcs apply --repo null x.dpatch

    darcs failed:  Malicious path in patch:
        ./_darcs/x

    If you are sure this is ok then you can run again with the --dont-restrict-paths option.



More information about the darcs-users mailing list