Package: git-gui
Version: 1:1.5.3-1
Severity: normal
It seems that git-gui tries to evaluate filenames. I put the severity to
normal, but perhaps it should be increased if this bug allows one to run
arbitrary code (not sure because the user still has to click on the
filename).
Steps to reproduce the bug:
[EMAIL PROTECTED]:/tmp$ mkdir foo
[EMAIL PROTECTED]:/tmp$ cd foo/
[EMAIL PROTECTED]:/tmp/foo$ git init
Initialized empty Git repository in .git/
[EMAIL PROTECTED]:/tmp/foo$ touch 'foo%3Fsuite'
[EMAIL PROTECTED]:/tmp/foo$ git-gui
Then click on the 'foo%3Fsuite' icon to include it in a changeset
A popup comes up with:
'Error: bad field specifier "F"'
with the backtrace:
bad field specifier "F"
bad field specifier "F"
while executing
"format "$msg... %i/%i files (%.2f%%)" $update_index_cp $totalCnt 0.0"
(procedure "update_index" line 12)
invoked from within
"update_index "Adding [short_path $path]" [list $path] [concat $after [list ui_ready]]"
(procedure "toggle_or_diff" line 28)
invoked from within
"toggle_or_diff .vpane.files.workdir.list 14 11"
(command bound to event)
At a quick glance, I would say that
format "$msg... %i/%i files (%.2f%%)" $update_index_cp $totalCnt 0.0
should be replaced by
format "%s... %i/%i files (%.2f%%)" $msg $update_index_cp $totalCnt 0.0
However:
- I have not tested this (yet)
- the code should probably be audited for similar bugs
Best regards,
Vincent
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.23-rc4-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages git-gui depends on:
ii git-core 1:1.5.3-1 fast, scalable, distributed revisi
ii tk8.4 8.4.15-1 Tk toolkit for Tcl and X11, v8.4 -
Versions of packages git-gui recommends:
ii git-doc 1:1.5.3-1 fast, scalable, distributed revisi
ii gitk 1:1.5.3-1 fast, scalable, distributed revisi
-- no debconf information
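
Added example (not part of the original report and not git-gui source): the two format calls quoted above, run side by side on the file name from the report, plus a simple heuristic for the audit the reporter suggests. The proc names progress_unsafe, progress_safe and audit_format_calls are hypothetical, and the audit regexp is an approximation that does not handle escaped quotes or calls split across lines.

```tcl
# Added example, not git-gui source; all proc names are hypothetical.

# Pattern from the backtrace: the message is substituted into the format
# string itself, so a % sequence in a file name is parsed as a conversion.
proc progress_unsafe {msg done total} {
    return [format "$msg... %i/%i files (%.2f%%)" $done $total 0.0]
}

# Form proposed in the report: constant format string, message passed as data.
proc progress_safe {msg done total} {
    return [format "%s... %i/%i files (%.2f%%)" $msg $done $total 0.0]
}

# Audit heuristic: list lines where the first argument of a format call is a
# double-quoted string that contains a variable or command substitution.
proc audit_format_calls {source} {
    set hits {}
    set n 0
    foreach line [split $source \n] {
        incr n
        if {[regexp {\mformat\s+"[^"]*(\$|\[)} $line]} {
            lappend hits [list $n [string trim $line]]
        }
    }
    return $hits
}

set name {foo%3Fsuite}   ;# file name from the report
set msg "Adding $name"
if {[catch {progress_unsafe $msg 1 1} err]} {
    puts "unsafe: $err"
}
puts "safe:   [progress_safe $msg 1 1]"

# Constructed input: the two format calls quoted in the report.
set sample {
format "$msg... %i/%i files (%.2f%%)" $update_index_cp $totalCnt 0.0
format "%s... %i/%i files (%.2f%%)" $msg $update_index_cp $totalCnt 0.0
}
foreach hit [audit_format_calls [string trim $sample]] {
    puts "line [lindex $hit 0]: [lindex $hit 1]"
}
```

Only the first sample line is reported, because its format string is built from $msg; the second keeps the format string constant and passes the message as an argument.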