diff options
| -rw-r--r-- | credential.c | 2 | ||||
| -rwxr-xr-x | t/t0300-credentials.sh | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/credential.c b/credential.c index 9747f47b18..00ee4d62db 100644 --- a/credential.c +++ b/credential.c @@ -194,6 +194,8 @@ static void credential_write_item(FILE *fp, const char *key, const char *value) { if (!value) return; + if (strchr(value, '\n')) + die("credential value for %s contains newline", key); fprintf(fp, "%s=%s\n", key, value); } diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh index 03bd31e9f2..15cc3c5abb 100755 --- a/t/t0300-credentials.sh +++ b/t/t0300-credentials.sh @@ -309,4 +309,10 @@ test_expect_success 'empty helper spec resets helper list' ' EOF ' +test_expect_success 'url parser rejects embedded newlines' ' + test_must_fail git credential fill <<-\EOF + url=https://one.example.com?%0ahost=two.example.com/ + EOF +' + test_done |