git/http transports: do more project name validation
commit 205d94e8831f10790c8b6c2fe41eb6a1169fc31a
author Kyle J. McKay <mackyle@gmail.com>
Mon, 1 Sep 2014 07:54:35 +0000 (1 00:54 -0700)
committer Kyle J. McKay <mackyle@gmail.com>
Mon, 1 Sep 2014 07:54:35 +0000 (1 00:54 -0700)
tree 308b985122e4ca4a9f0396f2ff1333992c1c121f
parent f85fc0da5d6d20f83af6bb7786c503d04c6f98ed
git/http transports: do more project name validation

Due to the way projects and forks are laid out, it's possible to
push a collection of refs that creates a directory layout that
resembles a GIT_DIR.  Enough so that Git will think it is one
and fail miserably on many activities.  This could, perhaps, be
used to corrupt the repository on a push.

In order to do this, the project/fork path would have to contain
an embedded '.git/' sequence.  Check for this and forbid it.

The UI will not allow a project/fork name to be created that ends
in .git so this could only happen maliciously.
bin/git-http-backend-verify
bin/git-shell-verify
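
The check the commit message describes, written out as an added shell example; it is not the code from bin/git-http-backend-verify or bin/git-shell-verify. The function name `project_path_ok`, the assumption that it receives only the project portion of the request, and the sample paths are all constructed for illustration.

```shell
#!/bin/sh
# Added example: constructed illustration, not the project's own code.

# project_path_ok PATH
# Returns 0 when PATH is acceptable as a project/fork path, 1 otherwise.
# Assumption: PATH is the project portion only, e.g. "proj/fork.git".
project_path_ok() {
    _p=${1#/}                  # tolerate one leading slash
    case "$_p" in
        '')      return 1 ;;   # empty name
        *.git/*) return 1 ;;   # embedded ".git/": a parent component
                               # would itself look like a GIT_DIR
    esac
    return 0
}

# Constructed sample paths (hypothetical project names).
for p in 'proj.git' 'proj/fork.git' 'proj.git/fork.git' 'a/b.git/c.git'; do
    if project_path_ok "$p"; then
        printf 'accept  %s\n' "$p"
    else
        printf 'reject  %s\n' "$p"
    fi
done
```

A final `.git` suffix is still accepted because the pattern requires a slash after `.git`; only a `.git` component with something below it is refused.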