just-mr setup: Fix ensuring 'subdir' only accepts non-upwards paths

...which implicitly also enforces non-absolute. This ensures that there is no access outside the root directory of a Git checkout or the temporary unpack directory of an archive.
author: Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com> 2025-01-13 13:14:07 +0100
committer: Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com> 2025-01-13 15:01:55 +0100
commit: 311c88641e3b4be067ed6575369b401288e8984c (patch)
tree: 6e30808a7b1df635e26d63bf58009b25281db03f /src/other_tools/repo_map
parent: 48171d6a20823ea8157b723b223ca0129ac42fde (diff)
download: justbuild-311c88641e3b4be067ed6575369b401288e8984c.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/src/other_tools/repo_map/repos_to_setup_map.cpp b/src/other_tools/repo_map/repos_to_setup_map.cpp
index 27c39a77..383f763d 100644
--- a/src/other_tools/repo_map/repos_to_setup_map.cpp
+++ b/src/other_tools/repo_map/repos_to_setup_map.cpp
@@ -112,9 +112,9 @@ void GitCheckout(ExpressionPtr const& repo_desc,
                                             ? repo_desc_subdir->String()
                                             : "")
                       .lexically_normal();
-    if (subdir.is_absolute()) {
+    if (not PathIsNonUpwards(subdir)) {
         (*logger)(fmt::format("GitCheckout: Expected field \"subdir\" to be a "
-                              "relative path, but found {}",
+                              "non-upwards path, but found {}",
                               subdir.string()),
                   /*fatal=*/true);
         return;
author	Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com>	2025-01-13 13:14:07 +0100
committer	Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com>	2025-01-13 15:01:55 +0100
commit	311c88641e3b4be067ed6575369b401288e8984c (patch)
tree	6e30808a7b1df635e26d63bf58009b25281db03f /src/other_tools/repo_map
parent	48171d6a20823ea8157b723b223ca0129ac42fde (diff)
download	justbuild-311c88641e3b4be067ed6575369b401288e8984c.tar.gz