Merge branch 'ml/replace-auto-execok'

This addresses CVE-2025-46334, Git GUI malicious command injection on Windows. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes the current directory. The mentioned programs are invoked when the user selects "Git Bash" or "Browse Files" from the menu. Signed-off-by: Johannes Sixt <j6t@kdbg.org>
author: Johannes Sixt <j6t@kdbg.org> 2025-05-20 08:54:24 +0200
committer: Taylor Blau <me@ttaylorr.com> 2025-05-23 17:04:30 -0400
commit: a7d1716fa648f6557ea9c91e0f04bae2e8738e6a (patch)
tree: 64b5354ac410b05e589830d1722b294faec3966b /git-gui/lib/shortcut.tcl
parent: Merge branch 'js/fix-open-exec' (diff)
parent: git-gui: override exec and open only on Windows (diff)
download: git-a7d1716fa648f6557ea9c91e0f04bae2e8738e6a.tar.gz
git-a7d1716fa648f6557ea9c91e0f04bae2e8738e6a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/git-gui/lib/shortcut.tcl b/git-gui/lib/shortcut.tcl
index 674a41f5e0..263f4899c9 100644
--- a/git-gui/lib/shortcut.tcl
+++ b/git-gui/lib/shortcut.tcl
@@ -12,7 +12,7 @@ proc do_windows_shortcut {} {
 			set fn ${fn}.lnk
 		}
 		# Use git-gui.exe if available (ie: git-for-windows)
-		set cmdLine [auto_execok git-gui.exe]
+		set cmdLine [list [_which git-gui]]
 		if {$cmdLine eq {}} {
 			set cmdLine [list [info nameofexecutable] \
 							 [file normalize $::argv0]]
author	Johannes Sixt <j6t@kdbg.org>	2025-05-20 08:54:24 +0200
committer	Taylor Blau <me@ttaylorr.com>	2025-05-23 17:04:30 -0400
commit	a7d1716fa648f6557ea9c91e0f04bae2e8738e6a (patch)
tree	64b5354ac410b05e589830d1722b294faec3966b /git-gui/lib/shortcut.tcl
parent	Merge branch 'js/fix-open-exec' (diff)
parent	git-gui: override exec and open only on Windows (diff)
download	git-a7d1716fa648f6557ea9c91e0f04bae2e8738e6a.tar.gz git-a7d1716fa648f6557ea9c91e0f04bae2e8738e6a.zip