Index: ChangeLog =================================================================== RCS file: /home2/cvsroot/ccvs/src/ChangeLog,v retrieving revision 1.2135 diff -c -r1.2135 ChangeLog *** ChangeLog 23 May 2001 18:03:07 -0000 1.2135 --- ChangeLog 24 May 2001 17:08:21 -0000 *************** *** 1,3 **** --- 1,11 ---- + 2001-05-24 Donald Sharp + + * checkout.c: Modified safe_location() to refuse checkout if + the -d option to co specifies inside of the repository. + * import.c: New parameter to safe_location needed to be added. + * cvs.h: New parameter to safe_location needed to be added. + * sanity.sh: Test case to test for failure mode. + 2001-05-23 Larry Jones * checkout.c (checkout_proc): Don't build top_level_admin directory Index: checkout.c =================================================================== RCS file: /home2/cvsroot/ccvs/src/checkout.c,v retrieving revision 1.99 diff -c -r1.99 checkout.c *** checkout.c 23 May 2001 18:03:08 -0000 1.99 --- checkout.c 24 May 2001 17:08:21 -0000 *************** *** 248,254 **** } #endif ! if (!cat && !safe_location()) { error(1, 0, "Cannot check out files into the repository itself"); } --- 248,254 ---- } #endif ! if (!cat && !safe_location( where )) { error(1, 0, "Cannot check out files into the repository itself"); } *************** *** 379,387 **** reasons, probably want to move them. */ int ! safe_location () { char *current; char hardpath[PATH_MAX+5]; size_t hardpath_len; int x; --- 379,388 ---- reasons, probably want to move them. */ int ! safe_location ( char * where ) { char *current; + char *where_location; char hardpath[PATH_MAX+5]; size_t hardpath_len; int x; *************** *** 403,411 **** --- 404,431 ---- { hardpath[x] = '\0'; } + current = xgetwd (); if (current == NULL) error (1, errno, "could not get working directory"); + + if( where != NULL ) + { + char *temp; + if( chdir( where ) != -1 ) + { + where_location = xgetwd(); + if( where_location == NULL ) + error( 1, errno, "could not get working directory" ); + + if( chdir( current ) == -1 ) + error( 1, errno, "Could not change directory" ); + + free( current ); + current = where_location; + } + } + hardpath_len = strlen (hardpath); if (strlen (current) >= hardpath_len && strncmp (current, hardpath, hardpath_len) == 0) Index: cvs.h =================================================================== RCS file: /home2/cvsroot/ccvs/src/cvs.h,v retrieving revision 1.221 diff -c -r1.221 cvs.h *** cvs.h 4 May 2001 16:36:34 -0000 1.221 --- cvs.h 24 May 2001 17:08:21 -0000 *************** *** 380,386 **** extern cvsroot_t *current_parsed_root; extern char *emptydir_name PROTO ((void)); ! extern int safe_location PROTO ((void)); extern int trace; /* Show all commands */ extern int noexec; /* Don't modify disk anywhere */ --- 380,386 ---- extern cvsroot_t *current_parsed_root; extern char *emptydir_name PROTO ((void)); ! extern int safe_location PROTO ((char *)); extern int trace; /* Show all commands */ extern int noexec; /* Don't modify disk anywhere */ Index: import.c =================================================================== RCS file: /home2/cvsroot/ccvs/src/import.c,v retrieving revision 1.122 diff -c -r1.122 import.c *** import.c 6 Feb 2001 15:29:43 -0000 1.122 --- import.c 24 May 2001 17:08:21 -0000 *************** *** 278,284 **** } #endif ! if (!safe_location ()) { error (1, 0, "attempt to import the repository"); } --- 278,284 ---- } #endif ! if (!safe_location ( NULL )) { error (1, 0, "attempt to import the repository"); } Index: sanity.sh =================================================================== RCS file: /home2/cvsroot/ccvs/src/sanity.sh,v retrieving revision 1.694 diff -c -r1.694 sanity.sh *** sanity.sh 30 Apr 2001 19:07:09 -0000 1.694 --- sanity.sh 24 May 2001 17:08:23 -0000 *************** *** 677,682 **** --- 677,683 ---- tests="${tests} modules modules2 modules3 modules4 modules5" tests="${tests} mkmodules-temp-file-removal" tests="${tests} cvsadm emptydir abspath toplevel toplevel2" + tests="${tests} checkout_repository" # Log messages, error messages. tests="${tests} mflag editor errmsg1 errmsg2 adderrmsg" # Watches, binary files, history browsing, &c. *************** *** 11651,11656 **** --- 11652,11662 ---- rm -r 1 rm -rf ${CVSROOT_DIRNAME}/top-dir ${CVSROOT_DIRNAME}/second-dir ;; + + checkout_repository) + dotest_fail check_repository "${testcvs} co -d /tmp/cvs-sanity/cvsroot CVSROOT" \ + "${PROG} \[checkout aborted\]: Cannot check out files into the repository itself" + ;; mflag) for message in '' ' ' '