
Re: [bug-patch] [PATCH] do not validate target name when it is specified


From: Jim Meyering
Subject: Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line
Date: Wed, 16 Feb 2011 18:03:21 +0100

Andreas Gruenbacher wrote:
> On Wednesday 16 February 2011 17:39:07 Jim Meyering wrote:
>> However, if somehow you can come up with input that contains 3 bad
>> file names, A, B, A, then yes, you would inappropriately see two
>> warnings about A.
>
> Yes, this is what happens.  A patch like this won't be very common, but still:
>
> cat > d.diff <<EOF
> --- ../x
> +++ ../y
> @@ -0,0 +1 @@
> +x
> EOF
>
> touch ../x ../y
> check 'patch -f -p0 --dry-run < d.diff || echo status: $?' <<EOF
> Ignoring potentially dangerous file name ../x
> Ignoring potentially dangerous file name ../y
> Ignoring potentially dangerous file name ../x
> Ignoring potentially dangerous file name ../y
> can't find file to patch at input line 3
> Perhaps you used the wrong -p or --strip option?
> The text leading up to this was:
> --------------------------
> |--- ../x
> |+++ ../y
> --------------------------
> No file to patch.  Skipping patch.
> 1 out of 1 hunk ignored
> status: 1
> EOF

Thanks.
Here's a better patch.
With it, we get one message per invalid file name.

diff --git a/src/pch.c b/src/pch.c
index 41c15b6..b617f30 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -380,10 +380,15 @@ static bool
 name_is_valid (char const *name)
 {
   const char *n = name;
+  static char const *bad[2];
+
+  if (name == bad[0] || name == bad[1])
+    return false;

   if (IS_ABSOLUTE_FILE_NAME (name))
     {
       say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
+      bad[!!bad[0]] = name;
       return false;
     }
   for (n = name; *n; )
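
Review bot: The early return at the top of name_is_valid, (name == bad[0] || name == bad[1]), compares pointer values rather than file-name strings, and bad[] is static, so the saved addresses outlive the call that stored them. A duplicate warning is suppressed only when the caller passes the very same pointer again, and if a name buffer were ever freed and its address reused for a different name, that name would be rejected with no message at all. Either add a comment stating that callers must pass pointers that stay valid and unchanged for the whole run, or keep copies of the rejected names and compare them with strcmp.
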
@@ -391,6 +396,7 @@ name_is_valid (char const *name)
       if (*n == '.' && *++n == '.' && ( ! *++n || ISSLASH (*n)))
         {
          say ("Ignoring potentially dangerous file name %s\n", quotearg 
(name));
+         bad[!!bad[0]] = name;
          return false;
        }
       while (*n && ! ISSLASH (*n))
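
Review bot: The store bad[!!bad[0]] = name; in the ".." branch duplicates the one in the absolute-name branch, and its indexing is unexplained: the first rejected name goes to slot 0 and every later one overwrites slot 1. Only two names are remembered, so a third distinct bad name evicts the second, which would then be reported again if it recurs. Move the store into a small helper with a comment describing that policy, so the two call sites cannot drift apart.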


