From: Jonathan Nieder Date: Sun, 19 Apr 2020 23:31:07 +0000 (-0700) Subject: Git 2.25.4 X-Git-Tag: v2.25.4^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7397ca33730626f682845f8691b39c305535611e;p=thirdparty%2Fgit.git Git 2.25.4 This merges up the security fix from v2.17.5. Signed-off-by: Jonathan Nieder --- 7397ca33730626f682845f8691b39c305535611e diff --cc Documentation/RelNotes/2.25.4.txt index 0000000000,0000000000..0dbb5daeec new file mode 100644 --- /dev/null +++ b/Documentation/RelNotes/2.25.4.txt @@@ -1,0 -1,0 +1,5 @@@ ++Git v2.25.4 Release Notes ++========================= ++ ++This release merges the security fix that appears in v2.17.5; see ++the release notes for that version for details. diff --cc GIT-VERSION-GEN index 26fbde3f21,9e7b797dfd..77217e0897 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@@ -1,7 -1,7 +1,7 @@@ #!/bin/sh GVF=GIT-VERSION-FILE - DEF_VER=v2.25.3 -DEF_VER=v2.24.3 ++DEF_VER=v2.25.4 LF=' ' diff --cc RelNotes index 96469c66f8,0b74eb5378..f579f9f817 --- a/RelNotes +++ b/RelNotes @@@ -1,1 -1,1 +1,1 @@@ - Documentation/RelNotes/2.25.3.txt -Documentation/RelNotes/2.24.3.txt ++Documentation/RelNotes/2.25.4.txt diff --cc fsck.c index dc6f6ac3de,00077b107d..73f30773f2 --- a/fsck.c +++ b/fsck.c @@@ -911,10 -937,116 +912,104 @@@ done return ret; } -static int fsck_tag(struct tag *tag, const char *data, - unsigned long size, struct fsck_options *options) -{ - struct object *tagged = tag->tagged; - - if (!tagged) - return report(options, &tag->object, FSCK_MSG_BAD_TAG_OBJECT, "could not load tagged object"); - - return fsck_tag_buffer(tag, data, size, options); -} - + /* + * Like builtin/submodule--helper.c's starts_with_dot_slash, but without + * relying on the platform-dependent is_dir_sep helper. + * + * This is for use in checking whether a submodule URL is interpreted as + * relative to the current directory on any platform, since \ is a + * directory separator on Windows but not on other platforms. 
+ */
+ static int starts_with_dot_slash(const char *str)
+ {
+ return str[0] == '.' && (str[1] == '/' || str[1] == '\\');
+ }
+
+ /*
+ * Like starts_with_dot_slash, this is a variant of submodule--helper's
+ * helper of the same name with the twist that it accepts backslash as a
+ * directory separator even on non-Windows platforms.
+ */
+ static int starts_with_dot_dot_slash(const char *str)
+ {
+ return str[0] == '.' && starts_with_dot_slash(str + 1);
+ }
+
+ static int submodule_url_is_relative(const char *url)
+ {
+ return starts_with_dot_slash(url) || starts_with_dot_dot_slash(url);
+ }
+
+ /*
+ * Count directory components that a relative submodule URL should chop
+ * from the remote_url it is to be resolved against.
+ *
+ * In other words, this counts "../" components at the start of a
+ * submodule URL.
+ *
+ * Returns the number of directory components to chop and writes a
+ * pointer to the next character of url after all leading "./" and
+ * "../" components to out.
+ */
+ static int count_leading_dotdots(const char *url, const char **out)
+ {
+ int result = 0;
+ while (1) {
+ if (starts_with_dot_dot_slash(url)) {
+ result++;
+ url += strlen("../");
+ continue;
+ }
+ if (starts_with_dot_slash(url)) {
+ url += strlen("./");
+ continue;
+ }
+ *out = url;
+ return result;
+ }
+ }
+ /*
+ * Check whether a transport is implemented by git-remote-curl.
+ *
+ * If it is, returns 1 and writes the URL that would be passed to
+ * git-remote-curl to the "out" parameter.
+ *
+ * Otherwise, returns 0 and leaves "out" untouched.
+ *
+ * Examples:
+ * http::https://example.com/repo.git -> 1, https://example.com/repo.git
+ * https://example.com/repo.git -> 1, https://example.com/repo.git
+ * git://example.com/repo.git -> 0
+ *
+ * This is for use in checking for previously exploitable bugs that
+ * required a submodule URL to be passed to git-remote-curl.
+ */ + static int url_to_curl_url(const char *url, const char **out) + { + /* + * We don't need to check for case-aliases, "http.exe", and so + * on because in the default configuration, is_transport_allowed + * prevents URLs with those schemes from being cloned + * automatically. + */ + if (skip_prefix(url, "http::", out) || + skip_prefix(url, "https::", out) || + skip_prefix(url, "ftp::", out) || + skip_prefix(url, "ftps::", out)) + return 1; + if (starts_with(url, "http://") || + starts_with(url, "https://") || + starts_with(url, "ftp://") || + starts_with(url, "ftps://")) { + *out = url; + return 1; + } + return 0; + } + static int check_submodule_url(const char *url) { - struct credential c = CREDENTIAL_INIT; - int ret; + const char *curl_url; if (looks_like_command_line_option(url)) return -1;
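Review bot: The prefix tests in `url_to_curl_url` are case-sensitive, and the comment inside the function justifies that only for the default configuration of `is_transport_allowed`, so on a setup that relaxes the protocol restrictions this fsck check may not cover every URL that ends up in git-remote-curl. I would state that limit in the function's header comment, where callers will read it, e.g. `* Only exact lower-case schemes are matched; this relies on is_transport_allowed rejecting other spellings by default.` Separately, `const char *curl_url;` in `check_submodule_url` has no initializer, while `url_to_curl_url` is documented to leave `out` untouched when it returns 0. The rest of `check_submodule_url` lies outside the hunk, so I cannot confirm every read is guarded by a return of 1; `const char *curl_url = NULL;` would make a stray read fail predictably.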