- foreach my $l (split(/^/m, $s)) {
- if ($l =~ $re) {
- $di->{oid_a} = $1;
- $di->{oid_b} = $2;
- if (defined($3)) {
- my $mode_a = $3;
- if ($mode_a =~ /\A(?:100644|120000|100755)\z/) {
- $di->{mode_a} = $mode_a;
- }
- }
-
-
- # start writing the diff out to a tempfile
- my $pn = ++$self->{tot};
- open($tmp, '>', $self->{tmp}->dirname . "/$pn") or
- die "open(tmp): $!";
-
- push @$hdr_lines, $l;
- $di->{hdr_lines} = $hdr_lines;
- utf8::encode($_) for @$hdr_lines;
- print $tmp @$hdr_lines or die "print(tmp): $!";
-
- # for debugging/diagnostics:
- $di->{ibx} = $ibx;
- $di->{smsg} = $smsg;
- } elsif ($l =~ m!\Adiff --git ("?[^/]+/.+) ("?[^/]+/.+)$!) {
- last if $tmp; # got our blob, done!
-
- my ($path_a, $path_b) = ($1, $2);
-
- # diff header lines won't have \r because git
- # will quote them, but Email::MIME gives CRLF
- # for quoted-printable:
- $path_b =~ tr/\r//d;
-
- # don't care for leading 'a/' and 'b/'
- my (undef, @a) = split(m{/}, git_unquote($path_a));
- my (undef, @b) = split(m{/}, git_unquote($path_b));
-
- # get rid of path-traversal attempts and junk patches:
- foreach (@a, @b) {
- return if $bad_component{$_};
- }
-
- $di->{path_a} = join('/', @a);
- $di->{path_b} = join('/', @b);
- $hdr_lines = [ $l ];
- } elsif ($tmp) {
- utf8::encode($l);
- print $tmp $l or die "print(tmp): $!";
- } elsif ($hdr_lines) {
- push @$hdr_lines, $l;
- if ($l =~ /\Anew file mode (100644|120000|100755)$/) {
- $di->{mode_a} = $1;
- }
- }
- }
- return undef unless $tmp;
+ state $LF = qr!\r?\n!;
+ state $ANY = qr![^\r\n]+!;
+ state $MODE = '100644|120000|100755';
+ state $FN = qr!(?:("?[^/\n]+/[^\r\n]+)|/dev/null)!;
+
+ $s =~ m!( # $1 start header lines we save for debugging:
+
+ # everything before ^index is optional, but we don't
+ # want to match ^(old|copy|rename|deleted|...) unless
+ # we match /^diff --git/ first:
+ (?: # begin optional stuff:
+
+ # try to get the pre-and-post filenames as $2 and $3
+ (?:^diff\x20--git\x20$FN\x20$FN$LF)
+
+ (?:^(?: # pass all this to git-apply:
+ # old mode $4
+ (?:old\x20mode\x20($MODE))
+ |
+ # new mode (possibly new file) ($5)
+ (?:new\x20(?:file\x20)?mode\x20($MODE))
+ |
+ (?:(?:copy|rename|deleted|
+ dissimilarity|similarity)$ANY)
+ )$LF)*
+
+ )? # end of optional stuff, everything below is required
+
+ # match the pre and post-image OIDs as $6 $7
+ ^index\x20(${pre}[a-f0-9]*)\.\.(${post}[a-f0-9]*)
+ # mode if unchanged $8
+ (?:\x20(100644|120000|100755))?$LF
+ ) # end of header lines ($1)
+ ( # $9 is the patch body
+ # "--- a/foo.c" sets pre-filename ($10) in case
+ # $2 is missing
+ (?:^---\x20$FN$LF)
+
+ # "+++ b/foo.c" sets post-filename ($11) in case
+ # $3 is missing
+ (?:^\+{3}\x20$FN$LF)
+
+ # the meat of the diff, including "^\\No newline ..."
+ # We also allow for totally blank lines w/o leading spaces,
+ # because git-apply(1) handles that case, too
+ (?:^(?:[\@\+\x20\-\\][^\n]*|)$LF)+
+ )!smx or return;
+
+ my $di = {
+ hdr_lines => $1,
+ oid_a => $6,
+ oid_b => $7,
+ mode_a => $5 // $8 // $4, # new (file) // unchanged // old
+ };
+ my $path_a = $2 // $10;
+ my $path_b = $3 // $11;
+ my $patch = $9;
+
+ # don't care for leading 'a/' and 'b/'
+ my (undef, @a) = split(m{/}, git_unquote($path_a));
+ my (undef, @b) = split(m{/}, git_unquote($path_b));
+
+ # get rid of path-traversal attempts and junk patches:
+ # it's junk at best, an attack attempt at worse:
+ state $bad_component = { map { $_ => 1 } ('', '.', '..') };
+ foreach (@a, @b) { return if $bad_component->{$_} }
+
+ $di->{path_a} = join('/', @a);
+ $di->{path_b} = join('/', @b);
+
+ my $path = ++$self->{tot};
+ $di->{n} = $path;
+ open(my $tmp, '>:utf8', $self->{tmp}->dirname . "/$path") or
+ die "open(tmp): $!";
+ print $tmp $di->{hdr_lines}, $patch or die "print(tmp): $!";