Revision - 8db1e87 - clone: prevent hooks from running during a clone

Revision 8db1e8743c0f1ed241f6a1b8bf55b6fef07d6751 authored by Johannes Schindelin on 28 March 2024, 18:21:06 UTC, committed by Johannes Schindelin on 19 April 2024, 10:38:23 UTC

clone: prevent hooks from running during a clone

Critical security issues typically combine relatively common
vulnerabilities such as case confusion in file paths with other
weaknesses in order to raise the severity of the attack.

One such weakness that has haunted the Git project in many a
submodule-related CVE is that any hooks that are found are executed
during a clone operation. Examples are the `post-checkout` and
`fsmonitor` hooks.

However, Git's design calls for hooks to be disabled by default, as only
disabled example hooks are copied over from the templates in
`<prefix>/share/git-core/templates/`.

As a defense-in-depth measure, let's prevent those hooks from running.

Obviously, administrators can choose to drop enabled hooks into the
template directory, though, _and_ it is also possible to override
`core.hooksPath`, in which case the new check needs to be disabled.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

1 parent 584de0b

Files
Changes

Permalinks

notes-cache.h

#ifndef NOTES_CACHE_H
#define NOTES_CACHE_H

#include "notes.h"

struct repository;

struct notes_cache {
	struct notes_tree tree;
	char *validity;
};

void notes_cache_init(struct repository *r, struct notes_cache *c,
		      const char *name, const char *validity);
int notes_cache_write(struct notes_cache *c);

char *notes_cache_get(struct notes_cache *c, struct object_id *oid, size_t
		      *outsize);
int notes_cache_put(struct notes_cache *c, struct object_id *oid,
		    const char *data, size_t size);

#endif /* NOTES_CACHE_H */

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...