From: Junio C Hamano Date: Wed, 18 Mar 2020 01:12:01 +0000 (-0700) Subject: Git 2.25.3 X-Git-Tag: v2.25.3^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=67b0a24910fbb23c8f5e7a2c61c339818bc68296;p=thirdparty%2Fgit.git Git 2.25.3 Signed-off-by: Junio C Hamano --- 67b0a24910fbb23c8f5e7a2c61c339818bc68296 diff --cc Documentation/RelNotes/2.25.3.txt index 0000000000,0000000000..15f7f21f10 new file mode 100644 --- /dev/null +++ b/Documentation/RelNotes/2.25.3.txt @@@ -1,0 -1,0 +1,5 @@@ ++Git v2.25.3 Release Notes ++========================= ++ ++This release merges the security fix that appears in v2.17.4; see ++the release notes for that version for details. diff --cc GIT-VERSION-GEN index 61023f4097,8480762ca5..26fbde3f21 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@@ -1,7 -1,7 +1,7 @@@ #!/bin/sh GVF=GIT-VERSION-FILE - DEF_VER=v2.25.2 -DEF_VER=v2.24.2 ++DEF_VER=v2.25.3 LF=' ' diff --cc RelNotes index 19e8340eb9,bb01306eef..96469c66f8 --- a/RelNotes +++ b/RelNotes @@@ -1,1 -1,1 +1,1 @@@ - Documentation/RelNotes/2.25.2.txt -Documentation/RelNotes/2.24.2.txt ++Documentation/RelNotes/2.25.3.txt diff --cc credential.h index a5a3ee9bb8,122a23cd2f..96d602eb3b --- a/credential.h +++ b/credential.h @@@ -172,8 -29,21 +172,21 @@@ void credential_reject(struct credentia int credential_read(struct credential *, FILE *); void credential_write(const struct credential *, FILE *); - /* Parse a URL into broken-down credential fields. */ + /* + * Parse a url into a credential struct, replacing any existing contents. + * - * Ifthe url can't be parsed (e.g., a missing "proto://" component), the ++ * If the url can't be parsed (e.g., a missing "proto://" component), the + * resulting credential will be empty but we'll still return success from the + * "gently" form. 
+ * + * If we encounter a component which cannot be represented as a credential + * value (e.g., because it contains a newline), the "gently" form will return + * an error but leave the broken state in the credential object for further + * examination. The non-gentle form will issue a warning to stderr and return + * an empty credential. + */ void credential_from_url(struct credential *, const char *url); + int credential_from_url_gently(struct credential *, const char *url, int quiet); int credential_match(const struct credential *have, const struct credential *want); diff --cc fsck.c index 640d813d84,ea46eeade6..dc6f6ac3de --- a/fsck.c +++ b/fsck.c @@@ -910,8 -936,33 +911,21 @@@ done return ret; } -static int fsck_tag(struct tag *tag, const char *data, - unsigned long size, struct fsck_options *options) -{ - struct object *tagged = tag->tagged; - - if (!tagged) - return report(options, &tag->object, FSCK_MSG_BAD_TAG_OBJECT, "could not load tagged object"); - - return fsck_tag_buffer(tag, data, size, options); -} - + static int check_submodule_url(const char *url) + { + struct credential c = CREDENTIAL_INIT; + int ret; + + if (looks_like_command_line_option(url)) + return -1; + + ret = credential_from_url_gently(&c, url, 1); + credential_clear(&c); + return ret; + } + struct fsck_gitmodules_data { - struct object *obj; + const struct object_id *oid; struct fsck_options *options; int ret; }; @@@ -935,9 -985,8 +949,9 @@@ static int fsck_gitmodules_fn(const cha "disallowed submodule name: %s", name); if (!strcmp(key, "url") && value && - looks_like_command_line_option(value)) + check_submodule_url(value) < 0) - data->ret |= report(data->options, data->obj, + data->ret |= report(data->options, + data->oid, OBJ_BLOB, FSCK_MSG_GITMODULES_URL, "disallowed submodule url: %s", value);
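Review bot: The new comment above `credential_from_url` and `credential_from_url_gently` does not explain the `quiet` argument or state which values the "gently" form returns, and a caller deciding whether a URL is safe to use needs both. I would add a sentence such as `* The "gently" form returns 0 on success and a negative value on error; "quiet" suppresses the warning.` This wording is inferred from the `< 0` test and the `1` passed in fsck.c, so it should be confirmed against credential.c, which this diff does not show. Because the gently form leaves the broken state in the struct, the comment should also say that callers must not use the credential after an error and should still call `credential_clear()`, as `check_submodule_url` does.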
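Review bot: `check_submodule_url` appears to return 0 for a URL that `credential_from_url_gently` cannot parse at all, because the credential.h comment in this same commit says the gently form still returns success with an empty credential in that case (e.g., a missing "proto://"). The check therefore rejects only option-like values and components that cannot be represented as a credential value, such as one containing a newline. If that is intended, presumably to keep relative submodule URLs working, the function should say so, for example `/* Returns 0 if url is acceptable in .gitmodules, <0 otherwise; urls the credential parser cannot parse are not rejected here. */`. A short remark on why `quiet` is passed as 1 (presumably because fsck reports the problem itself through `report()`) would also help the next reader.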
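Review bot: The rejected `value` is echoed verbatim into the fsck message through `"disallowed submodule url: %s"`, and with this change one reason for rejection is a URL component containing a newline, so the reported text can itself carry embedded line breaks. Whether `report()` escapes or truncates the string is not visible in this hunk; if it does not, a tool reading fsck output line by line could misread the part after the break. Consider a comment at the call site such as `/* value is untrusted and may contain newlines */`, or quoting the value before it is reported. `fsck_gitmodules_fn` starts and ends outside the hunk.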