Revision 8db1e8743c0f1ed241f6a1b8bf55b6fef07d6751 authored by Johannes Schindelin on 28 March 2024, 18:21:06 UTC, committed by Johannes Schindelin on 19 April 2024, 10:38:23 UTC
Critical security issues typically combine relatively common vulnerabilities such as case confusion in file paths with other weaknesses in order to raise the severity of the attack. One such weakness that has haunted the Git project in many a submodule-related CVE is that any hooks that are found are executed during a clone operation. Examples are the `post-checkout` and `fsmonitor` hooks. However, Git's design calls for hooks to be disabled by default, as only disabled example hooks are copied over from the templates in `<prefix>/share/git-core/templates/`. As a defense-in-depth measure, let's prevent those hooks from running. Obviously, administrators can choose to drop enabled hooks into the template directory, though, _and_ it is also possible to override `core.hooksPath`, in which case the new check needs to be disabled. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
1 parent 584de0b
sigchain.h
#ifndef SIGCHAIN_H
#define SIGCHAIN_H
/**
* Code often wants to set a signal handler to clean up temporary files or
* other work-in-progress when we die unexpectedly. For multiple pieces of
* code to do this without conflicting, each piece of code must remember
* the old value of the handler and restore it either when:
*
* 1. The work-in-progress is finished, and the handler is no longer
* necessary. The handler should revert to the original behavior
* (either another handler, SIG_DFL, or SIG_IGN).
*
* 2. The signal is received. We should then do our cleanup, then chain
* to the next handler (or die if it is SIG_DFL).
*
* Sigchain is a tiny library for keeping a stack of handlers. Your handler
* and installation code should look something like:
*
* ------------------------------------------
* void clean_foo_on_signal(int sig)
* {
* clean_foo();
* sigchain_pop(sig);
* raise(sig);
* }
*
* void other_func()
* {
* sigchain_push_common(clean_foo_on_signal);
* mess_up_foo();
* clean_foo();
* }
* ------------------------------------------
*
*/
/**
* Handlers are given the typedef of sigchain_fun. This is the same type
* that is given to signal() or sigaction(). It is perfectly reasonable to
* push SIG_DFL or SIG_IGN onto the stack.
*/
typedef void (*sigchain_fun)(int);
/* You can sigchain_push and sigchain_pop individual signals. */
int sigchain_push(int sig, sigchain_fun f);
int sigchain_pop(int sig);
/**
* push the handler onto the stack for the common signals:
* SIGINT, SIGHUP, SIGTERM, SIGQUIT and SIGPIPE.
*/
void sigchain_push_common(sigchain_fun f);
void sigchain_pop_common(void);
#endif /* SIGCHAIN_H */
Computing file changes ...
