# HG changeset patch
# User Augie Fackler <augie@google.com>
# Date 2019-10-15 13:49:19
# Node ID 1f04c51d52eadb12bfbb6fba8eca27e742ea88d4
# Parent  ea62d7b06c129be54aaf0cf389b6e14dfedf638b

dirs: reject consecutive slashes in paths

We shouldn't ever see those, and the fuzzer go really excited that if
it gives us a 65k string with 55k slashes in it we use a lot of RAM.

Differential Revision: https://phab.mercurial-scm.org/D7105

diff --git a/mercurial/cext/dirs.c b/mercurial/cext/dirs.c
--- a/mercurial/cext/dirs.c
+++ b/mercurial/cext/dirs.c
@@ -52,6 +52,7 @@ static int _addpath(PyObject *dirs, PyOb
 {
 	const char *cpath = PyBytes_AS_STRING(path);
 	Py_ssize_t pos = PyBytes_GET_SIZE(path);
+	Py_ssize_t prev_pos = -1;
 	PyObject *key = NULL;
 	int ret = -1;
 
@@ -64,6 +65,13 @@ static int _addpath(PyObject *dirs, PyOb
 	 * locations, the references are known so these violations should go
 	 * unnoticed. */
 	while ((pos = _finddir(cpath, pos - 1)) != -1) {
+		if (pos && prev_pos == pos + 1) {
+			PyErr_SetString(
+			    PyExc_ValueError,
+			    "invalid empty directory name in dirs.c _addpath");
+			return -1;
+		}
+		prev_pos = pos;
 		PyObject *val;
 
 		key = PyBytes_FromStringAndSize(cpath, pos);