summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--connect.c2
-rw-r--r--fsck.c2
-rwxr-xr-xt/t5570-git-daemon.sh5
-rwxr-xr-xt/t7416-submodule-dash-url.sh15
4 files changed, 23 insertions, 1 deletions
diff --git a/connect.c b/connect.c
index 8b8f56cf6d..9c97fee430 100644
--- a/connect.c
+++ b/connect.c
@@ -1160,6 +1160,8 @@ static struct child_process *git_connect_git(int fd[2], char *hostandport,
target_host = xstrdup(hostandport);
transport_check_allowed("git");
+ if (strchr(target_host, '\n') || strchr(path, '\n'))
+ die(_("newline is forbidden in git:// hosts and repo paths"));
/*
* These underlying connection commands die() if they
diff --git a/fsck.c b/fsck.c
index f82e2fe9e3..5e282b3b6b 100644
--- a/fsck.c
+++ b/fsck.c
@@ -1082,7 +1082,7 @@ static int check_submodule_url(const char *url)
if (looks_like_command_line_option(url))
return -1;
- if (submodule_url_is_relative(url)) {
+ if (submodule_url_is_relative(url) || starts_with(url, "git://")) {
char *decoded;
const char *next;
int has_nl;
diff --git a/t/t5570-git-daemon.sh b/t/t5570-git-daemon.sh
index 8f69a7854f..0fbb194810 100755
--- a/t/t5570-git-daemon.sh
+++ b/t/t5570-git-daemon.sh
@@ -103,6 +103,11 @@ test_expect_success 'fetch notices corrupt idx' '
)
'
+test_expect_success 'client refuses to ask for repo with newline' '
+ test_must_fail git clone "$GIT_DAEMON_URL/repo$LF.git" dst 2>stderr &&
+ test_i18ngrep newline.is.forbidden stderr
+'
+
test_remote_error()
{
do_export=YesPlease
diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
index eec96e0ba9..d21dc8b009 100755
--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh
@@ -201,4 +201,19 @@ test_expect_success 'fsck rejects embedded newline in relative url' '
grep gitmodulesUrl err
'
+test_expect_success 'fsck rejects embedded newline in git url' '
+ git checkout --orphan git-newline &&
+ cat >.gitmodules <<-\EOF &&
+ [submodule "foo"]
+ url = "git://example.com:1234/repo%0a.git"
+ EOF
+ git add .gitmodules &&
+ git commit -m "git url with newline" &&
+ test_when_finished "rm -rf dst" &&
+ git init --bare dst &&
+ git -C dst config transfer.fsckObjects true &&
+ test_must_fail git push dst HEAD 2>err &&
+ grep gitmodulesUrl err
+'
+
test_done
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 03:24:32 +0000