From 1f0bd51f5508c62e60d81d4efd5ee6c95c3aad5f Mon Sep 17 00:00:00 2001
From: Stephan
Date: Tue, 16 Aug 2022 10:08:03 +0100
Subject: [PATCH] GitHubDriver: stricter URL validation to avoid issues with undefined index owner (#10985)
---
 src/Composer/Repository/Vcs/GitHubDriver.php | 4 ++--
 .../Test/Repository/Vcs/GitHubDriverTest.php | 20 +++++++++++++++++--
 2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/src/Composer/Repository/Vcs/GitHubDriver.php b/src/Composer/Repository/Vcs/GitHubDriver.php
index 96f7ed996..0cde0c871 100644
--- a/src/Composer/Repository/Vcs/GitHubDriver.php
+++ b/src/Composer/Repository/Vcs/GitHubDriver.php
@@ -59,7 +59,7 @@ class GitHubDriver extends VcsDriver
 */
 public function initialize()
 {
- if (!Preg::isMatch('#^(?:(?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/(.+?)(?:\.git|/)?$#', $this->url, $match)) {
+ if (!Preg::isMatch('#^(?:(?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/([^/]+?)(?:\.git|/)?$#', $this->url, $match)) {
 throw new \InvalidArgumentException(sprintf('The GitHub repository URL %s is invalid.', $this->url));
 }
@@ -390,7 +390,7 @@ class GitHubDriver extends VcsDriver
 */
 public static function supports(IOInterface $io, Config $config, $url, $deep = false)
 {
- if (!Preg::isMatch('#^((?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/(.+?)(?:\.git|/)?$#', $url, $matches)) {
+ if (!Preg::isMatch('#^((?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/([^/]+?)(?:\.git|/)?$#', $url, $matches)) {
 return false;
 }
diff --git a/tests/Composer/Test/Repository/Vcs/GitHubDriverTest.php b/tests/Composer/Test/Repository/Vcs/GitHubDriverTest.php
index fcffb583b..4bd45ab40 100644
--- a/tests/Composer/Test/Repository/Vcs/GitHubDriverTest.php
+++ b/tests/Composer/Test/Repository/Vcs/GitHubDriverTest.php
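Review bot: The tightened pattern in `initialize()` still accepts more than a plain repository segment: `[^/]+` and `[^/]+?` admit `?`, `#` and whitespace, and because `$` is used without the `D` modifier a URL that ends in a newline also matches. The same holds for the copy in `supports()` in the next hunk. If the captured owner and repository are later interpolated into API or clone URLs (that code is outside this hunk, so this is an assumption to confirm), a stricter tail for both patterns such as `([^/?#\s]+)/([^/?#\s]+?)(?:\.git|/)?$#D` would keep the validation aligned with what a repository URL can legitimately contain. The body of `initialize()` continues past the hunk, so how `$match` is consumed should be checked before making that change.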
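Review bot: The pattern in `supports()` is a second hand-maintained copy of the one in `initialize()`, differing only in that the scheme/host prefix is a capturing group here, so every tightening has to be applied twice, as this commit does. Nothing in the code marks the two as related; a short comment above the call, such as `// Owner and repository must each be a single path segment; keep in sync with initialize().`, would make a one-sided edit less likely. The method body continues outside the hunk.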
@@ -342,14 +342,16 @@ class GitHubDriverTest extends TestCase
 }
 /**
+ * @dataProvider invalidUrlProvider
+ * @param string $url
 * @return void
 */
- public function initializeInvalidReoUrl()
+ public function testInitializeInvalidReoUrl($url)
 {
 $this->setExpectedException('\InvalidArgumentException');
 $repoConfig = array(
- 'url' => 'https://github.com/acme',
+ 'url' => $url,
 );
 $io = $this->getMockBuilder('Composer\IO\IOInterface')->getMock();
@@ -361,6 +363,18 @@ class GitHubDriverTest extends TestCase
 $gitHubDriver->initialize();
 }
+ /**
+ * @return list
+ */
+ public function invalidUrlProvider()
+ {
+ return array(
+ array(false, 'https://github.com/acme'),
+ array(false, 'https://github.com/acme/repository/releases'),
+ array(false, 'https://github.com/acme/repository/pulls'),
+ );
+ }
+
 /**
 * @dataProvider supportsProvider
 * @param bool $expected
@@ -382,6 +396,8 @@ class GitHubDriverTest extends TestCase
 array(false, 'https://github.com/acme'),
 array(true, 'https://github.com/acme/repository'),
 array(true, 'git@github.com:acme/repository.git'),
+ array(false, 'https://github.com/acme/repository/releases'),
+ array(false, 'https://github.com/acme/repository/pulls'),
 );
 }
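Review bot: `testInitializeInvalidReoUrl($url)` takes one argument, but each row of `invalidUrlProvider()` (added in the next hunk) has two elements, so the data provider hands `false` to `$url` and the URL string is discarded. The expected `\InvalidArgumentException` would then be raised, if at all, for a non-string URL rather than for the three addresses the provider lists, so the stricter pattern is not actually exercised through `initialize()`. Either drop the leading flag from the rows, e.g. `array('https://github.com/acme/repository/releases'),`, or declare the method as `public function testInitializeInvalidReoUrl($expected, $url)`. The name also carries a typo (`Reo` for `Repo`) that could be corrected while the method is being renamed.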
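Review bot: The two negative cases added to `supportsProvider()` cover only the `https://` form, while the tightened character class also applies to the `git@host:` alternative of the same pattern. A row such as `array(false, 'git@github.com:acme/repository/releases'),` would pin that branch, and `array(true, 'https://github.com/acme/repository/'),` would confirm that the optional trailing slash is still accepted. The provider starts before this hunk, so rows outside the visible lines may already cover part of this.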