Revision 820d7650cc670d3e4195aad3a5343158c316e8fa authored by Junio C Hamano on 26 July 2017, 17:24:20 UTC, committed by Junio C Hamano on 28 July 2017, 22:51:14 UTC
When commands like "git fetch" talk with ssh://$rest_of_URL/, the
code splits $rest_of_URL into components like host, port, etc., and
then spawns the underlying "ssh" program by formulating argv[] array
that has:

 - the path to ssh command taken from GIT_SSH_COMMAND, etc.

 - dashed options like '-batch' (for Tortoise), '-p <port>' as
   needed.

 - ssh_host, which is supposed to be the hostname parsed out of
   $rest_of_URL.

 - then the command to be run on the other side, e.g. git
   upload-pack.

If ssh_host ends up being '-<anything>', the argv[] that is
used to spawn the command becomes something like:

    { "ssh", "-p", "22", "-<anything>", "command", "to", "run", NULL }

which obviously is bogus, but depending on the actual value of
"<anything>", will make "ssh" parse and use it as an option.

Prevent this by forbidding ssh_host that begins with a "-".

Noticed-by: Joern Schneeweisz of Recurity Labs
Reported-by: Brian at GitLab
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Reviewed-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
1 parent c8dd1e3
t4017-diff-retval.sh
#!/bin/sh

# Exercises the exit status of the "git diff" family (diff, diff-tree,
# diff-files, diff-index) under --quiet, --exit-code and --check.
test_description='Return value of diffs'

# test_expect_success, test_must_fail, test_expect_code and test_done are
# not defined in this file; presumably they come from the sourced harness.
. ./test-lib.sh

# Build the three-commit history that the later tests compare:
#   zeroth: a contains "1 " (with a trailing space)
#   first:  a contains "1"  (differs from zeroth only by that space)
#   second: adds b containing "2"
test_expect_success 'setup' '
	echo "1 " >a &&
	git add . &&
	git commit -m zeroth &&
	echo 1 >a &&
	git add . &&
	git commit -m first &&
	echo 2 >b &&
	git add . &&
	git commit -a -m second
'

# zeroth -> first changes only the trailing space in a, so with -w
# (ignore whitespace) --quiet must report "no difference" (exit 0).
test_expect_success 'git diff --quiet -w  HEAD^^ HEAD^' '
	git diff --quiet -w HEAD^^ HEAD^
'

# Without -w the same pair of commits differs, so --quiet must exit non-zero.
test_expect_success 'git diff --quiet HEAD^^ HEAD^' '
	test_must_fail git diff --quiet HEAD^^ HEAD^
'

# first -> second adds file b, which is not a whitespace-only change;
# -w must not hide it.
test_expect_success 'git diff --quiet -w  HEAD^ HEAD' '
	test_must_fail git diff --quiet -w HEAD^ HEAD
'

# HEAD^ -> HEAD adds b, so --exit-code must yield exactly 1.
test_expect_success 'git diff-tree HEAD^ HEAD' '
	test_expect_code 1 git diff-tree --exit-code HEAD^ HEAD
'
# Limited to path a, which the setup does not touch between HEAD^ and HEAD:
# exit 0.
test_expect_success 'git diff-tree HEAD^ HEAD -- a' '
	git diff-tree --exit-code HEAD^ HEAD -- a
'
# Limited to path b, the file added in HEAD: exit 1.
test_expect_success 'git diff-tree HEAD^ HEAD -- b' '
	test_expect_code 1 git diff-tree --exit-code HEAD^ HEAD -- b
'
# Feed HEAD's object name on stdin; the expected status is 1.
# NOTE(review): the exit status of "git rev-parse HEAD" inside $(...) is
# not checked here; only the status of diff-tree, the last command of the
# pipeline, is asserted.
test_expect_success 'echo HEAD | git diff-tree --stdin' '
	echo $(git rev-parse HEAD) | test_expect_code 1 git diff-tree --exit-code --stdin
'
# Comparing a commit with itself must exit 0.
test_expect_success 'git diff-tree HEAD HEAD' '
	git diff-tree --exit-code HEAD HEAD
'
# Nothing has been modified since the last commit in setup, so the work
# tree matches the index: exit 0.
test_expect_success 'git diff-files' '
	git diff-files --exit-code
'
# Likewise the index matches HEAD: exit 0.
test_expect_success 'git diff-index --cached HEAD' '
	git diff-index --exit-code --cached HEAD
'
# The index contains b, which HEAD^ does not: exit 1.
test_expect_success 'git diff-index --cached HEAD^' '
	test_expect_code 1 git diff-index --exit-code --cached HEAD^
'
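# Stage an edit to b and a new file c, then confirm the index still differs
# from HEAD^.  The title is made distinct from the earlier clean-index test
# of the same command so a failure report identifies which one broke.
test_expect_success 'git diff-index --cached HEAD^ with staged changes' '
	echo text >>b &&
	echo 3 >c &&
	git add . &&
	test_expect_code 1 git diff-index --exit-code --cached HEAD^
'
# Commit the staged changes; the pickaxe -Stext must find the "text" line
# added to b and make --exit-code return 1.
test_expect_success 'git diff-tree -Stext HEAD^ HEAD -- b' '
	git commit -m "text in b" &&
	test_expect_code 1 git diff-tree -p --exit-code -Stext HEAD^ HEAD -- b
'
# A pickaxe string that does not occur in the change selects nothing: exit 0.
test_expect_success 'git diff-tree -Snot-found HEAD^ HEAD -- b' '
	git diff-tree -p --exit-code -Snot-found HEAD^ HEAD -- b
'
# Modify c in the work tree only; diff-files (work tree vs. index) must now
# exit 1.  Title disambiguated from the earlier clean-work-tree test.
test_expect_success 'git diff-files with unstaged change' '
	echo 3 >>c &&
	test_expect_code 1 git diff-files --exit-code
'
# Stage that modification; the index now differs from HEAD, so exit 1.
# Title disambiguated from the earlier clean-index test.
test_expect_success 'git diff-index --cached HEAD with staged change' '
	git update-index c &&
	test_expect_code 1 git diff-index --exit-code --cached HEAD
'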

# The work tree matches the index at this point (c was staged by the
# previous test), so --check --exit-code has nothing to report: exit 0.
test_expect_success '--check --exit-code returns 0 for no difference' '

	git diff --check --exit-code

'

# Replace a with content that has no whitespace problem: there is a
# difference (exit 1) but --check finds nothing wrong with it.
test_expect_success '--check --exit-code returns 1 for a clean difference' '

	echo "good" > a &&
	test_expect_code 1 git diff --check --exit-code

'

# Append a line with trailing spaces: the expected status becomes 3 when
# --check and --exit-code are combined.
test_expect_success '--check --exit-code returns 3 for a dirty difference' '

	echo "bad   " >> a &&
	test_expect_code 3 git diff --check --exit-code

'

# Same dirty work tree, --check alone (pager disabled): expected status 2.
test_expect_success '--check with --no-pager returns 2 for dirty difference' '

	test_expect_code 2 git --no-pager diff --check

'

# Append an empty line so the offending "bad   " line is no longer the last
# line of the diff; --check must still report it (exit 2).
test_expect_success 'check should test not just the last line' '
	echo "" >>a &&
	test_expect_code 2 git --no-pager diff --check

'

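# Create a conflicting change to b on a side commit made from HEAD^, let the
# merge with master fail, then stage b as left by the failed merge.
# "diff --cached --check" must exit 2 and report exactly three
# "conflict marker" lines (presumably one per marker line in b).
# The count uses "grep -c" and a quoted substitution instead of
# "grep | wc -l", so it does not depend on how wc pads its output.
test_expect_success 'check detects leftover conflict markers' '
	git reset --hard &&
	git checkout HEAD^ &&
	echo binary >>b &&
	git commit -m "side" b &&
	test_must_fail git merge master &&
	git add b &&
	test_expect_code 2 git --no-pager diff --cached --check >test.out &&
	test 3 = "$(grep -c "conflict marker" test.out)" &&
	git reset --hard
'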

# Marker detection depends on marker length.
#  - With no attribute set, a line starting with seven ">" in b is reported
#    (exit 2), while six "=" in a is not (exit 0).
#  - Eight-character markers are not reported until .gitattributes sets
#    conflict-marker-size=8 for b; after that b is reported and a, which
#    has no such attribute, still is not.
test_expect_success 'check honors conflict marker length' '
	git reset --hard &&
	echo ">>>>>>> boo" >>b &&
	echo "======" >>a &&
	git diff --check a &&
	test_expect_code 2 git diff --check b &&
	git reset --hard &&
	echo ">>>>>>>> boo" >>b &&
	echo "========" >>a &&
	git diff --check &&
	echo "b conflict-marker-size=8" >.gitattributes &&
	test_expect_code 2 git diff --check b &&
	git diff --check a &&
	git reset --hard
'

# Hand control back to the harness now that all tests have been declared.
test_done