Diffstat (limited to 'meta/recipes-devtools/git/git/0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch')
-rw-r--r-- | meta/recipes-devtools/git/git/0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch | 103 |
1 files changed, 103 insertions, 0 deletions
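--- /dev/null
+++ b/meta/recipes-devtools/git/git/0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch
@@ -0,0 +1,103 @@
+From 1c9f8cedd34302575db40016231bdf502f17901e Mon Sep 17 00:00:00 2001
+From: Li Zhou <li.zhou@windriver.com>
+Date: Mon, 27 Apr 2020 13:49:39 +0800
+Subject: [PATCH 03/12] fsck: detect gitmodules URLs with embedded newlines
+
+The credential protocol can't handle values with newlines. We already
+detect and block any such URLs from being used with credential helpers,
+but let's also add an fsck check to detect and block gitmodules files
+with such URLs. That will let us notice the problem earlier when
+transfer.fsckObjects is turned on. And in particular it will prevent bad
+objects from spreading, which may protect downstream users running older
+versions of Git.
+
+We'll file this under the existing gitmodulesUrl flag, which covers URLs
+with option injection. There's really no need to distinguish the exact
+flaw in the URL in this context. Likewise, I've expanded the description
+of t7416 to cover all types of bogus URLs.
+
+Upstream-Status: Backport
+
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+fsck.c | 16 +++++++++++++++-
+t/t7416-submodule-dash-url.sh | 18 +++++++++++++++++-
+2 files changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/fsck.c b/fsck.c
+index ef8b343..ea46eea 100644
+--- a/fsck.c
++++ b/fsck.c
+@@ -15,6 +15,7 @@
+#include "packfile.h"
+#include "submodule-config.h"
+#include "config.h"
++#include "credential.h"
+#include "help.h"
+
+static struct oidset gitmodules_found = OIDSET_INIT;
+@@ -947,6 +948,19 @@ static int fsck_tag(struct tag *tag, const char *data,
+return fsck_tag_buffer(tag, data, size, options);
+}
+
++static int check_submodule_url(const char *url)
++{
++ struct credential c = CREDENTIAL_INIT;
++ int ret;
++
++ if (looks_like_command_line_option(url))
++ return -1;
++
++ ret = credential_from_url_gently(&c, url, 1);
++ credential_clear(&c);
++ return ret;
++}
++
+struct fsck_gitmodules_data {
+struct object *obj;
+struct fsck_options *options;
+@@ -971,7 +985,7 @@ static int fsck_gitmodules_fn(const char *var, const char *value, void *vdata)
+"disallowed submodule name: %s",
+name);
+if (!strcmp(key, "url") && value &&
+- looks_like_command_line_option(value))
++ check_submodule_url(value) < 0)
+data->ret |= report(data->options, data->obj,
+FSCK_MSG_GITMODULES_URL,
+"disallowed submodule url: %s",
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index 5ba041f..41431b1 100755
+--- a/t/t7416-submodule-dash-url.sh
++++ b/t/t7416-submodule-dash-url.sh
+@@ -1,6 +1,6 @@
+#!/bin/sh
+
+-test_description='check handling of .gitmodule url with dash'
++test_description='check handling of disallowed .gitmodule urls'
+. ./test-lib.sh
+
+test_expect_success 'create submodule with protected dash in url' '
+@@ -60,4 +60,20 @@ test_expect_success 'trailing backslash is handled correctly' '
+test_i18ngrep ! "unknown option" err
+'
+
++test_expect_success 'fsck rejects embedded newline in url' '
++ # create an orphan branch to avoid existing .gitmodules objects
++ git checkout --orphan newline &&
++ cat >.gitmodules <<-\EOF &&
++ [submodule "foo"]
++ url = "https://one.example.com?%0ahost=two.example.com/foo.git"
++ EOF
++ git add .gitmodules &&
++ git commit -m "gitmodules with newline" &&
++ test_when_finished "rm -rf dst" &&
++ git init --bare dst &&
++ git -C dst config transfer.fsckObjects true &&
++ test_must_fail git push dst HEAD 2>err &&
++ grep gitmodulesUrl err
++'
++
+test_done
+--
+1.9.1
+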
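Review bot: The header of the added patch has a bare `Upstream-Status: Backport` and no `CVE:` line, so the fix cannot be traced to the upstream commit it was taken from, and patch-based CVE tracking in the layer has nothing to match on. I would write `Upstream-Status: Backport [<upstream commit URL>]` and, if this backport answers a tracked advisory, add `CVE: <CVE id>` above the `Signed-off-by:` (both values are placeholders; the page does not give them). The message body speaks in the first person ("I've expanded the description of t7416") while `From:` names the same person who signs off the backport, so it is worth confirming that the upstream author is still credited. In `check_submodule_url()` the literal `1` passed to `credential_from_url_gently()` would be easier to review with a comment such as `/* quiet: the caller reports FSCK_MSG_GITMODULES_URL itself */`.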