On Thu, May 22, 2025 at 08:55:56AM -0700, Junio C Hamano wrote:
> Ondrej Pohorelsky <opohorel@xxxxxxxxxx> writes:
>
> >> What made you send a patch for this program? Do you or anybody you
> >> know use git-cvsserver? Unless I am reading the program
> >> incorrectly, despite the claim in front of that escapeRefName sub
> >> that we avoid sending a tag whose name is not something CVS would be
> >> happy with, we did not sanitize the refs and relied solely on the
> >> users' repository to use only safe characters in the refs to keep
> >> CVS clients happy, and the fact that this expression used as if()
> >> condition is totally broken does not really make any difference,
> >> since it is in an unused sub. I have to wonder if (1) it is a
> >> better fix to just remove the unused sub, and/or (2) perhaps nobody
> >> uses cvsserver to allow cvs clients to talk to a Git repository?
>
> Below you mention you found it from test failures. Nice to know
> that you weren't actually using it ;-)
>
> Still, I would welcome second and third set of eyeballs to see if
> this is a dead code that the "compiler" is complaining about. If
> so, we can remove that unused code instead of fixing it.
I agree that the code does not appear to be called, and doing this:
diff --git a/git-cvsserver.perl b/git-cvsserver.perl
index a4e1bad33c..cc891eba67 100755
--- a/git-cvsserver.perl
+++ b/git-cvsserver.perl
@@ -5009,6 +5009,7 @@ sub escapeRefName
# = "_-xx-" Where "xx" is the hexadecimal representation of the
# desired ASCII character byte. (for anything else)
+ die "foo";
if(! $refName=~/^[1-9][0-9]*(\.[1-9][0-9]*)*$/)
{
$refName=~s/_-/_-u--/g;
still lets t9402 pass. I suspect the issue is that perl complains to
stderr while parsing the file (polluting the log), not when actually
running the code.
-Peff
