cvsserver: Make req_Root more critical of its input data
The path submitted with the Root request has to be absolute (cvs does it this way and it may save us some sanity checks later) If multiple roots are specified (e.g. because we use pserver authentication which will already include the root), ensure that they say all the same. Probably neither is a security risk, and neither should ever be triggered by a sane client, but when validating input data, it's better to be save than sorry. Signed-off-by: NFrank Lichtenheld <frank@lichtenheld.de> Signed-off-by: NJunio C Hamano <gitster@pobox.com>
Showing
想要评论请 注册 或 登录