Add a guard to reject any path traversal

author: Alex Pooley (@zuedev) <zuedev@gmail.com> 2026-05-07 18:07:15 +0100
committer: Alex Pooley (@zuedev) <zuedev@gmail.com> 2026-05-07 18:07:15 +0100
commit: 990e758685da6049e4fb197df909d7e13e9c7c16 (patch)
tree: 23bc785af47c28704e9cfa418b7e29cc28231456 /usr/local
parent: 8f1f7626e53dac82721384c8bd3b3a77092a6d3f (diff)
download: git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar
git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar.gz
git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar.bz2
git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar.xz
git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/usr/local/bin/git-wrapper b/usr/local/bin/git-wrapper
index f5ca870..bf0781b 100644
--- a/usr/local/bin/git-wrapper
+++ b/usr/local/bin/git-wrapper
@@ -11,6 +11,11 @@ fi
 cmd=$(echo "$SSH_ORIGINAL_COMMAND" | cut -d' ' -f1)
 path=$(echo "$SSH_ORIGINAL_COMMAND" | cut -d"'" -f2)
 
+if [[ "$path" == *..* ]]; then
+    echo "Invalid path" >&2
+    exit 1
+fi
+
 case "$cmd" in
     # Allow only specific git commands and ensure that the repository path is correctly prefixed with /repositories if it's not an absolute path.
     git-upload-pack|git-receive-pack|git-upload-archive)
author	Alex Pooley (@zuedev) <zuedev@gmail.com>	2026-05-07 18:07:15 +0100
committer	Alex Pooley (@zuedev) <zuedev@gmail.com>	2026-05-07 18:07:15 +0100
commit	990e758685da6049e4fb197df909d7e13e9c7c16 (patch)
tree	23bc785af47c28704e9cfa418b7e29cc28231456 /usr/local
parent	8f1f7626e53dac82721384c8bd3b3a77092a6d3f (diff)
download	git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar.gz git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar.bz2 git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.tar.xz git.zue.dev-990e758685da6049e4fb197df909d7e13e9c7c16.zip