From de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd Mon Sep 17 00:00:00 2001
From: Ayman Bagabas <ayman.bagabas@gmail.com>
Date: Tue, 28 Nov 2023 14:31:04 -0500
Subject: git: validate reference names

Check reference names format before creating branches/tags/remotes.

This should probably be in a lower level somewhere in `plumbing`.
Validating the names under `plumbing.NewReference*` is not possible
since these functions don't return errors.

Fixes: https://github.com/go-git/go-git/issues/929
---
 repository.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'repository.go')

diff --git a/repository.go b/repository.go
index 4898838..1524a69 100644
--- a/repository.go
+++ b/repository.go
@@ -98,6 +98,10 @@ func InitWithOptions(s storage.Storer, worktree billy.Filesystem, options InitOp
 		options.DefaultBranch = plumbing.Master
 	}
 
+	if err := options.DefaultBranch.Validate(); err != nil {
+		return nil, err
+	}
+
 	r := newRepository(s, worktree)
 	_, err := r.Reference(plumbing.HEAD, false)
 	switch err {
@@ -724,7 +728,10 @@ func (r *Repository) DeleteBranch(name string) error {
 // CreateTag creates a tag. If opts is included, the tag is an annotated tag,
 // otherwise a lightweight tag is created.
 func (r *Repository) CreateTag(name string, hash plumbing.Hash, opts *CreateTagOptions) (*plumbing.Reference, error) {
-	rname := plumbing.ReferenceName(path.Join("refs", "tags", name))
+	rname := plumbing.NewTagReferenceName(name)
+	if err := rname.Validate(); err != nil {
+		return nil, err
+	}
 
 	_, err := r.Storer.Reference(rname)
 	switch err {
-- 
cgit