diff options
author | Junio C Hamano <gitster@pobox.com> | 2024-05-13 18:29:15 -0700 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2024-05-13 18:29:15 -0700 |
commit | 83f1add914c6b4682de1e944ec0d1ac043d53d78 (patch) | |
tree | 019da832054b17c504a3000ddff3a39394c8daea /path.c | |
parent | 3e4a232f6e3bd3b7dd920bb07b21cf1c8b4e1a7f (diff) | |
parent | 2c7b491c1d3107be35c375f59e040b0f13d0cc0c (diff) | |
download | git-master.tar.gz |
* tag 'v2.45.1': (42 commits)
Git 2.45.1
Git 2.44.1
Git 2.43.4
Git 2.42.2
Git 2.41.1
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
...
Diffstat (limited to 'path.c')
-rw-r--r-- | path.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -829,6 +829,7 @@ const char *enter_repo(const char *path, int strict) if (!suffix[i]) return NULL; gitfile = read_gitfile(used_path.buf); + die_upon_dubious_ownership(gitfile, NULL, used_path.buf); if (gitfile) { strbuf_reset(&used_path); strbuf_addstr(&used_path, gitfile); @@ -839,6 +840,7 @@ const char *enter_repo(const char *path, int strict) } else { const char *gitfile = read_gitfile(path); + die_upon_dubious_ownership(gitfile, NULL, path); if (gitfile) path = gitfile; if (chdir(path)) |