From e693237e2ba27b6129e8af7f6a794f5c2fbd26f3 Mon Sep 17 00:00:00 2001 From: Christian Couder Date: Wed, 29 May 2019 14:44:32 +0200 Subject: list-objects-filter: disable 'sparse:path' filters If someone wants to use as a filter a sparse file that is in the repository, something like "--filter=sparse:oid=:" already works. So 'sparse:path' is only interesting if the sparse file is not in the repository. In this case though the current implementation has a big security issue, as it makes it possible to ask the server to read any file, like for example /etc/password, and to explore the filesystem, as well as individual lines of files. If someone is interested in using a sparse file that is not in the repository as a filter, then at the minimum a config option, such as "uploadpack.sparsePathFilter", should be implemented first to restrict the directory from which the files specified by 'sparse:path' can be read. For now though, let's just disable 'sparse:path' filters. Helped-by: Matthew DeVore Helped-by: Jeff Hostetler Signed-off-by: Christian Couder Signed-off-by: Junio C Hamano --- list-objects-filter-options.h | 2 -- 1 file changed, 2 deletions(-) (limited to 'list-objects-filter-options.h') diff --git a/list-objects-filter-options.h b/list-objects-filter-options.h index e3adc78ebf..c54f0000fb 100644 --- a/list-objects-filter-options.h +++ b/list-objects-filter-options.h @@ -13,7 +13,6 @@ enum list_objects_filter_choice { LOFC_BLOB_LIMIT, LOFC_TREE_DEPTH, LOFC_SPARSE_OID, - LOFC_SPARSE_PATH, LOFC__COUNT /* must be last */ }; @@ -44,7 +43,6 @@ struct list_objects_filter_options { * choice. */ struct object_id *sparse_oid_value; - char *sparse_path_value; unsigned long blob_limit_value; unsigned long tree_exclude_depth; }; -- cgit v1.2.3