Git 2.23.2

author Junio C Hamano <gitster@pobox.com>

Tue, 17 Mar 2020 21:33:34 +0000 (14:33 -0700)

committer Junio C Hamano <gitster@pobox.com>

Tue, 17 Mar 2020 21:33:34 +0000 (14:33 -0700)
author Junio C Hamano <gitster@pobox.com>
Tue, 17 Mar 2020 21:33:34 +0000 (14:33 -0700)
committer Junio C Hamano <gitster@pobox.com>
Tue, 17 Mar 2020 21:33:34 +0000 (14:33 -0700)
diff --combined Documentation/RelNotes/2.23.2.txt

index 0000000000000000000000000000000000000000,0000000000000000000000000000000000000000..b697cbe0e31a0bf3f61fabb0c9b7b7483f1f0b35

new file mode 100644 (file)
--- /dev/null
--- /dev/null
+++ b/Documentation/RelNotes/2.23.2.txt
@@@ -1,0 -1,0 +1,5 @@@
++Git v2.23.2 Release Notes
++=========================
++
++This release merges the security fix that appears in v2.17.4; see
++the release notes for that version for details.
diff --combined GIT-VERSION-GEN

index 2e7264ee5b2b18fbeeb1b8a03e93ed7cc02b907b,e3c9d78890dc219f6e830e6604fbbc10d2b8bc75..70721f0c1193a87c809806d1f2742a2e068d99c0
--- 1/GIT-VERSION-GEN
--- 2/GIT-VERSION-GEN
+++ b/GIT-VERSION-GEN
@@@ -1,7 -1,7 +1,7 @@@
   #!/bin/sh
   
   GVF=GIT-VERSION-FILE
- DEF_VER=v2.23.1
- -DEF_VER=v2.22.3
++DEF_VER=v2.23.2
   
   LF='
   '
diff --combined RelNotes

index f63d8a47a67ff4d5f61c17e81b7677e9af111457,6c1853bf38552d8e19d541d05941643f9f92a426..895970ffd8a9fb123c46f66914072e26d2fae564
--- 1/RelNotes
--- 2/RelNotes
+++ b/RelNotes
@@@ -1,1 -1,1 +1,1 @@@
- Documentation/RelNotes/2.23.1.txt
- -Documentation/RelNotes/2.22.3.txt
++Documentation/RelNotes/2.23.2.txt
diff --combined fsck.c

index ef8b343a72011b56ed3004894f3f4ae4f42d78a9,a358af3507fa2e84c9f89c216f425dc19263a9f7..ea46eeade6bda1d1b7ceb10e1df85864eb2fe03b
--- 1/fsck.c
--- 2/fsck.c
+++ b/fsck.c
@@@ -15,6 -15,7 +15,7 @@@
   #include "packfile.h"
   #include "submodule-config.h"
   #include "config.h"
+ #include "credential.h"
   #include "help.h"
   
   static struct oidset gitmodules_found = OIDSET_INIT;
@@@ -182,6 -183,41 +183,6 @@@ static int fsck_msg_type(enum fsck_msg_
         return msg_type;
   }
   
- -static void init_skiplist(struct fsck_options *options, const char *path)
- -{
- -      FILE *fp;
- -      struct strbuf sb = STRBUF_INIT;
- -      struct object_id oid;
- -
- -      fp = fopen(path, "r");
- -      if (!fp)
- -              die("Could not open skip list: %s", path);
- -      while (!strbuf_getline(&sb, fp)) {
- -              const char *p;
- -              const char *hash;
- -
- -              /*
- -               * Allow trailing comments, leading whitespace
- -               * (including before commits), and empty or whitespace
- -               * only lines.
- -               */
- -              hash = strchr(sb.buf, '#');
- -              if (hash)
- -                      strbuf_setlen(&sb, hash - sb.buf);
- -              strbuf_trim(&sb);
- -              if (!sb.len)
- -                      continue;
- -
- -              if (parse_oid_hex(sb.buf, &oid, &p) || *p != '\0')
- -                      die("Invalid SHA-1: %s", sb.buf);
- -              oidset_insert(&options->skiplist, &oid);
- -      }
- -      if (ferror(fp))
- -              die_errno("Could not read '%s'", path);
- -      fclose(fp);
- -      strbuf_release(&sb);
- -}
- -
   static int parse_msg_type(const char *str)
   {
         if (!strcmp(str, "error"))
@@@ -250,7 -286,7 +251,7 @@@ void fsck_set_msg_types(struct fsck_opt
                 if (!strcmp(buf, "skiplist")) {
                         if (equal == len)
                                 die("skiplist requires a path");
- -                      init_skiplist(options, buf + equal + 1);
+ +                      oidset_parse_file(&options->skiplist, buf + equal + 1);
                         buf += len + 1;
                         continue;
                 }
@@@ -947,6 -983,19 +948,19 @@@ static int fsck_tag(struct tag *tag, co
         return fsck_tag_buffer(tag, data, size, options);
   }
   
+ static int check_submodule_url(const char *url)
+ {
+       struct credential c = CREDENTIAL_INIT;
+       int ret;
+ 
+       if (looks_like_command_line_option(url))
+               return -1;
+ 
+       ret = credential_from_url_gently(&c, url, 1);
+       credential_clear(&c);
+       return ret;
+ }
+ 
   struct fsck_gitmodules_data {
         struct object *obj;
         struct fsck_options *options;
@@@ -971,7 -1020,7 +985,7 @@@ static int fsck_gitmodules_fn(const cha
                                     "disallowed submodule name: %s",
                                     name);
         if (!strcmp(key, "url") && value &&
-           looks_like_command_line_option(value))
+           check_submodule_url(value) < 0)
                 data->ret |= report(data->options, data->obj,
                                     FSCK_MSG_GITMODULES_URL,
                                     "disallowed submodule url: %s",
@@@ -1080,7 -1129,7 +1094,7 @@@ int fsck_finish(struct fsck_options *op
   
                 blob = lookup_blob(the_repository, oid);
                 if (!blob) {
- -                      struct object *obj = lookup_unknown_object(oid->hash);
+ +                      struct object *obj = lookup_unknown_object(oid);
                         ret |= report(options, obj,
                                       FSCK_MSG_GITMODULES_BLOB,
                                       "non-blob found at .gitmodules");
author	Junio C Hamano <gitster@pobox.com>
	Tue, 17 Mar 2020 21:33:34 +0000 (14:33 -0700)
committer	Junio C Hamano <gitster@pobox.com>
	Tue, 17 Mar 2020 21:33:34 +0000 (14:33 -0700)
		1	2
Documentation/RelNotes/2.23.2.txt	patch \|	\|	\|	blob
GIT-VERSION-GEN	patch \|	diff1 \|	diff2 \|	blob \| history
RelNotes	patch \|	diff1 \|	diff2 \|	blob \| history
fsck.c	patch \|	diff1 \|	diff2 \|	blob \| history