
GitHubDriver: stricter URL validation to avoid issues with undefined index owner (#10985)

pull/10996/head
Stephan 2022-08-16 10:08:03 +01:00 committed by GitHub
parent b0674c421a
commit 1f0bd51f55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 4 deletions


@ -59,7 +59,7 @@ class GitHubDriver extends VcsDriver
*/ */
public function initialize() public function initialize()
{ {
if (!Preg::isMatch('#^(?:(?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/(.+?)(?:\.git|/)?$#', $this->url, $match)) { if (!Preg::isMatch('#^(?:(?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/([^/]+?)(?:\.git|/)?$#', $this->url, $match)) {
throw new \InvalidArgumentException(sprintf('The GitHub repository URL %s is invalid.', $this->url)); throw new \InvalidArgumentException(sprintf('The GitHub repository URL %s is invalid.', $this->url));
} }
@ -390,7 +390,7 @@ class GitHubDriver extends VcsDriver
*/ */
public static function supports(IOInterface $io, Config $config, $url, $deep = false) public static function supports(IOInterface $io, Config $config, $url, $deep = false)
{ {
if (!Preg::isMatch('#^((?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/(.+?)(?:\.git|/)?$#', $url, $matches)) { if (!Preg::isMatch('#^((?:https?|git)://([^/]+)/|git@([^:]+):/?)([^/]+)/([^/]+?)(?:\.git|/)?$#', $url, $matches)) {
return false; return false;
} }
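Review bot: The tightened pattern in both `Preg::isMatch` calls (in `initialize()` and `supports()`) still ends in a bare `$` with no `D` modifier, so PCRE accepts a URL that ends in a newline, and `[^/]+` / `[^/]+?` still admit whitespace, `?` and `#` inside the owner and repository segments. If those captures are later concatenated into API or clone URLs (not visible in this hunk), a repository segment carrying a query string or fragment would pass validation. Consider closing the pattern with `$#D` and narrowing the segment classes, e.g. `([^/\s?#]+)/([^/\s?#]+?)`. The same expression is also maintained twice, differing only in one capture group, so a shared class constant would keep the two checks from drifting apart. Both method bodies continue outside the hunks shown.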


@ -342,14 +342,16 @@ class GitHubDriverTest extends TestCase
} }
/** /**
* @dataProvider invalidUrlProvider
* @param string $url
* @return void * @return void
*/ */
public function initializeInvalidReoUrl() public function testInitializeInvalidReoUrl($url)
{ {
$this->setExpectedException('\InvalidArgumentException'); $this->setExpectedException('\InvalidArgumentException');
$repoConfig = array( $repoConfig = array(
'url' => 'https://github.com/acme', 'url' => $url,
); );
$io = $this->getMockBuilder('Composer\IO\IOInterface')->getMock(); $io = $this->getMockBuilder('Composer\IO\IOInterface')->getMock();
@ -361,6 +363,18 @@ class GitHubDriverTest extends TestCase
$gitHubDriver->initialize(); $gitHubDriver->initialize();
} }
/**
* @return list<array{bool, string}>
*/
public function invalidUrlProvider()
{
return array(
array(false, 'https://github.com/acme'),
array(false, 'https://github.com/acme/repository/releases'),
array(false, 'https://github.com/acme/repository/pulls'),
);
}
/** /**
* @dataProvider supportsProvider * @dataProvider supportsProvider
* @param bool $expected * @param bool $expected
@ -382,6 +396,8 @@ class GitHubDriverTest extends TestCase
array(false, 'https://github.com/acme'), array(false, 'https://github.com/acme'),
array(true, 'https://github.com/acme/repository'), array(true, 'https://github.com/acme/repository'),
array(true, 'git@github.com:acme/repository.git'), array(true, 'git@github.com:acme/repository.git'),
array(false, 'https://github.com/acme/repository/releases'),
array(false, 'https://github.com/acme/repository/pulls'),
); );
} }
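Review bot: `invalidUrlProvider` returns two-element rows (`array(false, 'https://github.com/acme')`) while `testInitializeInvalidReoUrl($url)` declares a single parameter, so PHPUnit binds `$url` to `false` and the URL string is dropped as an unused extra argument. The `/releases` and `/pulls` URLs therefore never reach `initialize()`; the test presumably still passes because a `false` URL is rejected as well, which hides that the stricter regex is not exercised on this path. Use one-element rows such as `array('https://github.com/acme/repository/releases'),` and document the provider as `@return list<array{string}>`. The two rows added to the `supports` provider do cover the same URLs, but only through `supports()`.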