--- /dev/null
--- /dev/null
++Git v2.25.3 Release Notes
++=========================
++
++This release merges the security fix that appears in v2.17.4; see
++the release notes for that version for details.
#!/bin/sh
GVF=GIT-VERSION-FILE
- DEF_VER=v2.25.2
-DEF_VER=v2.24.2
++DEF_VER=v2.25.3
LF='
'
- Documentation/RelNotes/2.25.2.txt
-Documentation/RelNotes/2.24.2.txt
++Documentation/RelNotes/2.25.3.txt
int credential_read(struct credential *, FILE *);
void credential_write(const struct credential *, FILE *);
- /* Parse a URL into broken-down credential fields. */
+ /*
+ * Parse a url into a credential struct, replacing any existing contents.
+ *
- * Ifthe url can't be parsed (e.g., a missing "proto://" component), the
++ * If the url can't be parsed (e.g., a missing "proto://" component), the
+ * resulting credential will be empty but we'll still return success from the
+ * "gently" form.
+ *
+ * If we encounter a component which cannot be represented as a credential
+ * value (e.g., because it contains a newline), the "gently" form will return
+ * an error but leave the broken state in the credential object for further
+ * examination. The non-gentle form will issue a warning to stderr and return
+ * an empty credential.
+ */
void credential_from_url(struct credential *, const char *url);
+ int credential_from_url_gently(struct credential *, const char *url, int quiet);
int credential_match(const struct credential *have,
const struct credential *want);
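Review bot: The new comment above `credential_from_url` describes both forms but never says what the `quiet` argument of `credential_from_url_gently` controls, and it does not state the error value. The fsck.c caller passes `1` and ultimately tests the result with `< 0`, so both points are part of the contract callers already depend on. I would add a line such as `* Returns a negative value on error; if "quiet" is non-zero no warning is printed.` The second half of that line is inferred from the parameter name, since the implementation is not visible here, and should be confirmed against credential.c.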
return ret;
}
-static int fsck_tag(struct tag *tag, const char *data,
- unsigned long size, struct fsck_options *options)
-{
- struct object *tagged = tag->tagged;
-
- if (!tagged)
- return report(options, &tag->object, FSCK_MSG_BAD_TAG_OBJECT, "could not load tagged object");
-
- return fsck_tag_buffer(tag, data, size, options);
-}
-
+ static int check_submodule_url(const char *url)
+ {
+ struct credential c = CREDENTIAL_INIT;
+ int ret;
+
+ if (looks_like_command_line_option(url))
+ return -1;
+
+ ret = credential_from_url_gently(&c, url, 1);
+ credential_clear(&c);
+ return ret;
+ }
+
struct fsck_gitmodules_data {
- struct object *obj;
+ const struct object_id *oid;
struct fsck_options *options;
int ret;
};
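Review bot: `check_submodule_url` has no comment explaining why a credential parser decides whether a submodule URL is acceptable, and what it does and does not reject is not obvious from the call. Going by the comment in credential.h, a URL that cannot be parsed at all (e.g. one missing "proto://") yields an empty credential and success, so it passes this check. Only a component that cannot be represented as a credential value, such as one containing a newline, produces the error. I would put `/* Reject URLs whose components cannot be stored as credential values (e.g. an embedded newline); unparsable URLs return success and are accepted. */` above the function. Whether relative or otherwise unparsable URLs need their own validation should be confirmed against the code that later consumes the URL, which is outside this hunk.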
"disallowed submodule name: %s",
name);
if (!strcmp(key, "url") && value &&
- looks_like_command_line_option(value))
+ check_submodule_url(value) < 0)
- data->ret |= report(data->options, data->obj,
+ data->ret |= report(data->options,
+ data->oid, OBJ_BLOB,
FSCK_MSG_GITMODULES_URL,
"disallowed submodule url: %s",
value);