From bd590bde5846889dea72d301d7cd8abd70e5b0e1 Mon Sep 17 00:00:00 2001 From: "brian m. carlson" Date: Wed, 17 Apr 2024 00:02:35 +0000 Subject: docs: set a limit on credential line length We recently introduced a way for credential helpers to add arbitrary state as part of the protocol. Set some limits on line length to avoid helpers passing extremely large amounts of data. While Git doesn't have a fixed parsing length, there are other tools which support this protocol and it's kind to allow them to use a reasonable fixed-size buffer for parsing. In addition, we would like to be moderate in our memory usage and imposing reasonable limits is helpful for that purpose. In the event a credential helper is incapable of storing its serialized state in 64 KiB, it can feel free to serialize it on disk and store a reference instead. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano --- Documentation/git-credential.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Documentation/git-credential.txt b/Documentation/git-credential.txt index f63a8e0458..4bbf2db9ca 100644 --- a/Documentation/git-credential.txt +++ b/Documentation/git-credential.txt @@ -111,7 +111,9 @@ attribute per line. Each attribute is specified by a key-value pair, separated by an `=` (equals) sign, followed by a newline. The key may contain any bytes except `=`, newline, or NUL. The value may -contain any bytes except newline or NUL. +contain any bytes except newline or NUL. A line, including the trailing +newline, may not exceed 65535 bytes in order to allow implementations to +parse efficiently. Attributes with keys that end with C-style array brackets `[]` can have multiple values. Each instance of a multi-valued attribute forms an -- cgit 1.2.3-korg