diff options
| -rw-r--r-- | Documentation/RelNotes/2.10.3.txt | 7 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.11.2.txt | 12 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.12.3.txt | 7 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.4.12.txt | 12 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.5.6.txt | 12 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.6.7.txt | 12 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.7.5.txt | 14 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.8.5.txt | 12 | ||||
| -rw-r--r-- | Documentation/RelNotes/2.9.4.txt | 7 | ||||
| -rw-r--r-- | Documentation/git.txt | 30 | ||||
| -rw-r--r-- | shell.c | 2 | ||||
| -rwxr-xr-x | t/t1450-fsck.sh | 34 |
12 files changed, 142 insertions, 19 deletions
diff --git a/Documentation/RelNotes/2.10.3.txt b/Documentation/RelNotes/2.10.3.txt index 277a2a18a7..ad6a01bf83 100644 --- a/Documentation/RelNotes/2.10.3.txt +++ b/Documentation/RelNotes/2.10.3.txt @@ -45,4 +45,11 @@ Fixes since v2.10.2 * Improve the rule to convert "unsigned char [20]" into "struct object_id *" in contrib/coccinelle/ + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + Also contains minor documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.11.2.txt b/Documentation/RelNotes/2.11.2.txt new file mode 100644 index 0000000000..7428851168 --- /dev/null +++ b/Documentation/RelNotes/2.11.2.txt @@ -0,0 +1,12 @@ +Git v2.11.2 Release Notes +========================= + +Fixes since v2.11.1 +------------------- + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.12.3.txt b/Documentation/RelNotes/2.12.3.txt index 73ce7daa5c..ebca846d5d 100644 --- a/Documentation/RelNotes/2.12.3.txt +++ b/Documentation/RelNotes/2.12.3.txt @@ -54,4 +54,11 @@ Fixes since v2.12.2 turn revealed incorrect expectations the tests make. These tests have been updated. + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.4.12.txt b/Documentation/RelNotes/2.4.12.txt new file mode 100644 index 0000000000..7d15f94725 --- /dev/null +++ b/Documentation/RelNotes/2.4.12.txt @@ -0,0 +1,12 @@ +Git v2.4.12 Release Notes +========================= + +Fixes since v2.4.11 +------------------- + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.5.6.txt b/Documentation/RelNotes/2.5.6.txt new file mode 100644 index 0000000000..9cd025bb1c --- /dev/null +++ b/Documentation/RelNotes/2.5.6.txt @@ -0,0 +1,12 @@ +Git v2.5.6 Release Notes +======================== + +Fixes since v2.5.5 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.6.7.txt b/Documentation/RelNotes/2.6.7.txt new file mode 100644 index 0000000000..1335de49a6 --- /dev/null +++ b/Documentation/RelNotes/2.6.7.txt @@ -0,0 +1,12 @@ +Git v2.6.7 Release Notes +======================== + +Fixes since v2.6.6 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.7.5.txt b/Documentation/RelNotes/2.7.5.txt new file mode 100644 index 0000000000..83559ce3b2 --- /dev/null +++ b/Documentation/RelNotes/2.7.5.txt @@ -0,0 +1,14 @@ +Git v2.7.5 Release Notes +======================== + +Fixes since v2.7.4 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + +Also contains a few fixes backported from later development tracks. diff --git a/Documentation/RelNotes/2.8.5.txt b/Documentation/RelNotes/2.8.5.txt new file mode 100644 index 0000000000..7bd179fa12 --- /dev/null +++ b/Documentation/RelNotes/2.8.5.txt @@ -0,0 +1,12 @@ +Git v2.8.5 Release Notes +======================== + +Fixes since v2.8.4 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.9.4.txt b/Documentation/RelNotes/2.9.4.txt index 01e864278b..9768293831 100644 --- a/Documentation/RelNotes/2.9.4.txt +++ b/Documentation/RelNotes/2.9.4.txt @@ -80,4 +80,11 @@ Fixes since v2.9.3 the file descriptor still open. Open tempfile with O_CLOEXEC flag to avoid this (on Windows, this is mapped to O_NOINHERIT). + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + Also contains minor documentation updates and code clean-ups. diff --git a/Documentation/git.txt b/Documentation/git.txt index ecc1bb4bd7..e9fc891a7f 100644 --- a/Documentation/git.txt +++ b/Documentation/git.txt @@ -44,54 +44,62 @@ unreleased) version of Git, that is available from the 'master' branch of the `git.git` repository. Documentation for older releases are available here: -* link:v2.12.2/git.html[documentation for release 2.12.2] +* link:v2.12.3/git.html[documentation for release 2.12.3] * release notes for - link:RelNotes/2.12.2.txt[2.12.2]. - link:RelNotes/2.12.1.txt[2.12.1]. + link:RelNotes/2.12.3.txt[2.12.3], + link:RelNotes/2.12.2.txt[2.12.2], + link:RelNotes/2.12.1.txt[2.12.1], link:RelNotes/2.12.0.txt[2.12]. * link:v2.11.1/git.html[documentation for release 2.11.1] * release notes for + link:RelNotes/2.11.2.txt[2.11.2], link:RelNotes/2.11.1.txt[2.11.1], link:RelNotes/2.11.0.txt[2.11]. -* link:v2.10.2/git.html[documentation for release 2.10.2] +* link:v2.10.3/git.html[documentation for release 2.10.3] * release notes for + link:RelNotes/2.10.3.txt[2.10.3], link:RelNotes/2.10.2.txt[2.10.2], link:RelNotes/2.10.1.txt[2.10.1], link:RelNotes/2.10.0.txt[2.10]. -* link:v2.9.3/git.html[documentation for release 2.9.3] +* link:v2.9.4/git.html[documentation for release 2.9.4] * release notes for + link:RelNotes/2.9.4.txt[2.9.4], link:RelNotes/2.9.3.txt[2.9.3], link:RelNotes/2.9.2.txt[2.9.2], link:RelNotes/2.9.1.txt[2.9.1], link:RelNotes/2.9.0.txt[2.9]. -* link:v2.8.4/git.html[documentation for release 2.8.4] +* link:v2.8.5/git.html[documentation for release 2.8.5] * release notes for + link:RelNotes/2.8.5.txt[2.8.5], link:RelNotes/2.8.4.txt[2.8.4], link:RelNotes/2.8.3.txt[2.8.3], link:RelNotes/2.8.2.txt[2.8.2], link:RelNotes/2.8.1.txt[2.8.1], link:RelNotes/2.8.0.txt[2.8]. -* link:v2.7.3/git.html[documentation for release 2.7.3] +* link:v2.7.5/git.html[documentation for release 2.7.5] * release notes for + link:RelNotes/2.7.5.txt[2.7.5], + link:RelNotes/2.7.4.txt[2.7.4], link:RelNotes/2.7.3.txt[2.7.3], link:RelNotes/2.7.2.txt[2.7.2], link:RelNotes/2.7.1.txt[2.7.1], link:RelNotes/2.7.0.txt[2.7]. -* link:v2.6.6/git.html[documentation for release 2.6.6] +* link:v2.6.7/git.html[documentation for release 2.6.7] * release notes for + link:RelNotes/2.6.7.txt[2.6.7], link:RelNotes/2.6.6.txt[2.6.6], link:RelNotes/2.6.5.txt[2.6.5], link:RelNotes/2.6.4.txt[2.6.4], @@ -100,9 +108,10 @@ Documentation for older releases are available here: link:RelNotes/2.6.1.txt[2.6.1], link:RelNotes/2.6.0.txt[2.6]. -* link:v2.5.5/git.html[documentation for release 2.5.5] +* link:v2.5.6/git.html[documentation for release 2.5.6] * release notes for + link:RelNotes/2.5.6.txt[2.5.6], link:RelNotes/2.5.5.txt[2.5.5], link:RelNotes/2.5.4.txt[2.5.4], link:RelNotes/2.5.3.txt[2.5.3], @@ -110,9 +119,10 @@ Documentation for older releases are available here: link:RelNotes/2.5.1.txt[2.5.1], link:RelNotes/2.5.0.txt[2.5]. -* link:v2.4.11/git.html[documentation for release 2.4.11] +* link:v2.4.12/git.html[documentation for release 2.4.12] * release notes for + link:RelNotes/2.4.12.txt[2.4.12], link:RelNotes/2.4.11.txt[2.4.11], link:RelNotes/2.4.10.txt[2.4.10], link:RelNotes/2.4.9.txt[2.4.9], @@ -13,7 +13,7 @@ static int do_generic_cmd(const char *me, char *arg) const char *my_argv[4]; setup_path(); - if (!arg || !(arg = sq_dequote(arg))) + if (!arg || !(arg = sq_dequote(arg)) || *arg == '-') die("bad argument"); if (!starts_with(me, "git-")) die("bad command"); diff --git a/t/t1450-fsck.sh b/t/t1450-fsck.sh index 677e15a7a4..adf0bc88ba 100755 --- a/t/t1450-fsck.sh +++ b/t/t1450-fsck.sh @@ -689,17 +689,35 @@ test_expect_success 'bogus head does not fallback to all heads' ' ! grep $blob out ' +# Corrupt the checksum on the index. +# Add 1 to the last byte in the SHA. +corrupt_index_checksum () { + perl -w -e ' + use Fcntl ":seek"; + open my $fh, "+<", ".git/index" or die "open: $!"; + binmode $fh; + seek $fh, -1, SEEK_END or die "seek: $!"; + read $fh, my $in_byte, 1 or die "read: $!"; + + $in_value = unpack("C", $in_byte); + $out_value = ($in_value + 1) & 255; + + $out_byte = pack("C", $out_value); + + seek $fh, -1, SEEK_END or die "seek: $!"; + print $fh $out_byte; + close $fh or die "close: $!"; + ' +} + +# Corrupt the checksum on the index and then +# verify that only fsck notices. test_expect_success 'detect corrupt index file in fsck' ' cp .git/index .git/index.backup && test_when_finished "mv .git/index.backup .git/index" && - echo zzzzzzzz >zzzzzzzz && - git add zzzzzzzz && - sed -e "s/zzzzzzzz/yyyyyyyy/" .git/index >.git/index.yyy && - mv .git/index.yyy .git/index && - # Confirm that fsck detects invalid checksum - test_must_fail git fsck --cache && - # Confirm that status no longer complains about invalid checksum - git status + corrupt_index_checksum && + test_must_fail git fsck --cache 2>errors && + grep "bad index file" errors ' test_done |