[0/2] disallow newlines in git:// URLs

Message-ID: X/bXV9dGFK2bxBV0@coredump.intra.peff.net

Jeff King Jan. 7, 2021, 9:41 a.m. UTC
This addresses an issue brought up by Harold Kim on the security list.
In general, Git handles repo paths with newlines just fine, and this
even works over the git:// protocol. However, because of the sparseness
of that protocol, it's easy to craft a malicious URL that makes a valid
request for other protocols, like http (and submodules make it easy-ish
to convince somebody to clone your crafted URL).

Since it's unlikely that anybody is relying on having a newline in their
git:// repo in the first place, it's worth outlawing them to make it
less likely for a Git client to be used as a protocol redirect.

  [1/2]: git_connect_git(): forbid newlines in host and path
  [2/2]: fsck: reject .gitmodules git:// urls with newlines

 connect.c                     |  2 ++
 fsck.c                        |  2 +-
 t/t5570-git-daemon.sh         |  5 +++++
 t/t7416-submodule-dash-url.sh | 15 +++++++++++++++
 4 files changed, 23 insertions(+), 1 deletion(-)

-Peff
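As an added illustration (not code from this series or from Git itself), the C below assembles the single pkt-line a git:// client sends to git-daemon and refuses to build it when the host or path carries a newline, which is the rule 1/2 adds to git_connect_git(); `gitmodules_url_ok` mirrors the 2/2 rule for `.gitmodules` entries. The function names, the sample host/path, and the 65520-byte pkt-line ceiling are assumptions made here.

```c
#include <stdio.h>
#include <string.h>

/* Assumed helper: reject a host or path component containing a newline,
 * since the git:// request is newline-delimited and a stray '\n' would
 * end the request early. */
int git_url_component_ok(const char *s)
{
    return strchr(s, '\n') == NULL;
}

/* Assumed helper: the fsck-side rule for .gitmodules, refusing git://
 * URLs with embedded newlines (other schemes are left to other checks). */
int gitmodules_url_ok(const char *url)
{
    if (strncmp(url, "git://", 6) != 0)
        return 1;
    return strchr(url, '\n') == NULL;
}

/* Build the git-daemon request: 4 hex digits of total length followed by
 * "git-upload-pack <path>\0host=<host>\0". Returns bytes written, or -1
 * when a component is rejected or the request does not fit (65520-byte
 * pkt-line limit, assumed here). */
int build_git_daemon_request(const char *host, const char *path,
                             char *out, size_t outlen)
{
    const char *cmd = "git-upload-pack ", *key = "host=";
    size_t total = 4 + strlen(cmd) + strlen(path) + 1
                 + strlen(key) + strlen(host) + 1;
    char *p = out;

    if (!git_url_component_ok(host) || !git_url_component_ok(path))
        return -1;
    if (total > 65520 || total > outlen)
        return -1;

    p += snprintf(p, 5, "%04zx", total);      /* length prefix */
    memcpy(p, cmd, strlen(cmd));   p += strlen(cmd);
    memcpy(p, path, strlen(path)); p += strlen(path);
    *p++ = '\0';
    memcpy(p, key, strlen(key));   p += strlen(key);
    memcpy(p, host, strlen(host)); p += strlen(host);
    *p++ = '\0';
    return (int)total;
}

int main(void)
{
    char buf[256];   /* constructed sample host and path */
    int n = build_git_daemon_request("example.com", "/repo.git", buf, sizeof buf);
    for (int i = 0; i < n; i++)          /* show NUL bytes as \0 */
        buf[i] ? putchar(buf[i]) : fputs("\\0", stdout);
    putchar('\n');
    printf("newline in path accepted? %d\n",
           build_git_daemon_request("example.com", "/repo\n.git", buf, sizeof buf) != -1);
    return 0;
}
```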