Sync with 2.41.1
index 3846a37be971c92153eb1ceeb65c6e612c8e173c..cccda75a7885f5a5bab2dfac2fb04b011b78ab87 100644 (file)
--- a/config.c
+++ b/config.c
@@ -1558,8 +1558,19 @@ static int git_default_core_config(const char *var, const char *value,
        if (!strcmp(var, "core.attributesfile"))
                return git_config_pathname(&git_attributes_file, var, value);
 
-       if (!strcmp(var, "core.hookspath"))
+       if (!strcmp(var, "core.hookspath")) {
+               if (ctx->kvi && ctx->kvi->scope == CONFIG_SCOPE_LOCAL &&
+                   git_env_bool("GIT_CLONE_PROTECTION_ACTIVE", 0))
+                       die(_("active `core.hooksPath` found in the local "
+                             "repository config:\n\t%s\nFor security "
+                             "reasons, this is disallowed by default.\nIf "
+                             "this is intentional and the hook should "
+                             "actually be run, please\nrun the command "
+                             "again with "
+                             "`GIT_CLONE_PROTECTION_ACTIVE=false`"),
+                           value);
                return git_config_pathname(&git_hooks_path, var, value);
+       }
 
        if (!strcmp(var, "core.bare")) {
                is_bare_repository_cfg = git_config_bool(var, value);
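Review bot: The new `die()` in the `core.hookspath` branch formats `value` with `%s` before `git_config_pathname()` has had a chance to reject a missing value, so a valueless `hookspath` entry in the local config would hand NULL to the format string, which is undefined behaviour. Testing for it first, e.g. `if (!value) return config_error_nonbool(var);` at the top of the branch, keeps the usual error for that case. Separately, the guard is skipped whenever `ctx->kvi` is NULL or the scope is anything other than `CONFIG_SCOPE_LOCAL`, so the protection fails open on those paths. If that is intended, a comment such as `/* only the just-cloned repository's own config is treated as untrusted here */` would record the assumption. The body of git_default_core_config starts and ends outside the hunk.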