diff options
| author |  Junio C Hamano <gitster@pobox.com> | 2021-01-25 14:19:17 -0800 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2021-01-25 14:19:17 -0800 |
| commit | c7b1aaf6d6bb5746a98831854313ca8fccea600d (patch) | |
| tree | ba09f9c7df3f2eb5a690b9a39be37915aebf4b18 | |
| parent | Merge branch 'ab/branch-sort' (diff) | |
| parent | fsck: reject .gitmodules git:// urls with newlines (diff) | |
| download | tgif-c7b1aaf6d6bb5746a98831854313ca8fccea600d.tar.xz | |
Merge branch 'jk/forbid-lf-in-git-url'
Newline characters in the host and path part of git:// URL are
now forbidden.
* jk/forbid-lf-in-git-url:
fsck: reject .gitmodules git:// urls with newlines
git_connect_git(): forbid newlines in host and path
| -rw-r--r-- | connect.c | 2 | ||||
| -rw-r--r-- | fsck.c | 2 | ||||
| -rwxr-xr-x | t/t5570-git-daemon.sh | 5 | ||||
| -rwxr-xr-x | t/t7416-submodule-dash-url.sh | 15 |
4 files changed, 23 insertions, 1 deletions
@@ -1160,6 +1160,8 @@ static struct child_process *git_connect_git(int fd[2], char *hostandport, target_host = xstrdup(hostandport); transport_check_allowed("git"); + if (strchr(target_host, '\n') || strchr(path, '\n')) + die(_("newline is forbidden in git:// hosts and repo paths")); /* * These underlying connection commands die() if they @@ -1110,7 +1110,7 @@ static int check_submodule_url(const char *url) if (looks_like_command_line_option(url)) return -1; - if (submodule_url_is_relative(url)) { + if (submodule_url_is_relative(url) || starts_with(url, "git://")) { char *decoded; const char *next; int has_nl; diff --git a/t/t5570-git-daemon.sh b/t/t5570-git-daemon.sh index 8f69a7854f..0fbb194810 100755 --- a/t/t5570-git-daemon.sh +++ b/t/t5570-git-daemon.sh @@ -103,6 +103,11 @@ test_expect_success 'fetch notices corrupt idx' ' ) ' +test_expect_success 'client refuses to ask for repo with newline' ' + test_must_fail git clone "$GIT_DAEMON_URL/repo$LF.git" dst 2>stderr && + test_i18ngrep newline.is.forbidden stderr +' + test_remote_error() { do_export=YesPlease diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh index eec96e0ba9..d21dc8b009 100755 --- a/t/t7416-submodule-dash-url.sh +++ b/t/t7416-submodule-dash-url.sh @@ -201,4 +201,19 @@ test_expect_success 'fsck rejects embedded newline in relative url' ' grep gitmodulesUrl err ' +test_expect_success 'fsck rejects embedded newline in git url' ' + git checkout --orphan git-newline && + cat >.gitmodules <<-\EOF && + [submodule "foo"] + url = "git://example.com:1234/repo%0a.git" + EOF + git add .gitmodules && + git commit -m "git url with newline" && + test_when_finished "rm -rf dst" && + git init --bare dst && + git -C dst config transfer.fsckObjects true && + test_must_fail git push dst HEAD 2>err && + grep gitmodulesUrl err +' + test_done |