diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2024-04-17 11:38:18 +0200 |
|---|---|---|
| committer | Johannes Schindelin <johannes.schindelin@gmx.de> | 2024-04-19 12:38:42 +0200 |
| commit | f5b2af06f55c0f21ae0199be5fe120f2cccd698b (patch) | |
| tree | 8a247278428ea30cef8baeb0d98e425f3fb51028 /config.c | |
| parent | Merge branch 'jk/redact-h2h3-headers-fix' into maint-2.41 (diff) | |
| parent | Git 2.40.2 (diff) | |
| download | git-f5b2af06f55c0f21ae0199be5fe120f2cccd698b.tar.gz git-f5b2af06f55c0f21ae0199be5fe120f2cccd698b.zip | |
Sync with 2.40.2
* maint-2.40: (39 commits)
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
t7423: add tests for symlinked submodule directories
has_dir_name(): do not get confused by characters < '/'
docs: document security issues around untrusted .git dirs
upload-pack: disable lazy-fetching by default
...
Diffstat (limited to 'config.c')
| -rw-r--r-- | config.c | 13 |
1 files changed, 12 insertions, 1 deletions
@@ -1596,8 +1596,19 @@ static int git_default_core_config(const char *var, const char *value, void *cb) if (!strcmp(var, "core.attributesfile")) return git_config_pathname(&git_attributes_file, var, value); - if (!strcmp(var, "core.hookspath")) + if (!strcmp(var, "core.hookspath")) { + if (current_config_scope() == CONFIG_SCOPE_LOCAL && + git_env_bool("GIT_CLONE_PROTECTION_ACTIVE", 0)) + die(_("active `core.hooksPath` found in the local " + "repository config:\n\t%s\nFor security " + "reasons, this is disallowed by default.\nIf " + "this is intentional and the hook should " + "actually be run, please\nrun the command " + "again with " + "`GIT_CLONE_PROTECTION_ACTIVE=false`"), + value); return git_config_pathname(&git_hooks_path, var, value); + } if (!strcmp(var, "core.bare")) { is_bare_repository_cfg = git_config_bool(var, value); |