development/git
development/git
1
0
Fork 0
mirror of https://github.com/git/git synced 2024-10-02 14:45:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
git/builtin
History
Filip Hejsek 9cf8547320 clone: prevent clashing git dirs when cloning submodule in parallel 
While it is expected to have several git dirs within the `.git/modules/`
tree, it is important that they do not interfere with each other. For
example, if one submodule was called "captain" and another submodule
"captain/hooks", their respective git dirs would clash, as they would be
located in `.git/modules/captain/` and `.git/modules/captain/hooks/`,
respectively, i.e. the latter's files could clash with the actual Git
hooks of the former.

To prevent these clashes, and in particular to prevent hooks from being
written and then executed as part of a recursive clone, we introduced
checks as part of the fix for CVE-2019-1387 in a8dee3ca61 (Disallow
dubiously-nested submodule git directories, 2019-10-01).

It is currently possible to bypass the check for clashing submodule
git dirs in two ways:

1. parallel cloning
2. checkout --recurse-submodules

Let's check not only before, but also after parallel cloning (and before
checking out the submodule), that the git dir is not clashing with
another one, otherwise fail. This addresses the parallel cloning issue.

As to the parallel checkout issue: It requires quite a few manual steps
to create clashing git dirs because Git itself would refuse to
initialize the inner one, as demonstrated by the test case.

Nevertheless, let's teach the recursive checkout (namely, the
`submodule_move_head()` function that is used by the recursive checkout)
to be careful to verify that it does not use a clashing git dir, and if
it does, disable it (by deleting the `HEAD` file so that subsequent Git
calls won't recognize it as a git dir anymore).

Note: The parallel cloning test case contains a `cat err` that proved to
be highly useful when analyzing the racy nature of the operation (the
operation can fail with three different error messages, depending on
timing), and was left on purpose to ease future debugging should the
need arise.

Signed-off-by: Filip Hejsek <filip.hejsek@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2024-04-17 22:30:01 +02:00
..
add.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
am.c Merge branch 'rs/am-parse-options-cleanup' into maint-2.39 2023-02-14 14:15:56 -08:00
annotate.c
apply.c apply.c: remove unnecessary include 2022-04-06 09:42:14 -07:00
archive.c parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options 2022-08-19 11:13:14 -07:00
bisect--helper.c Merge branch 'dd/bisect-helper-subcommand' 2022-11-23 11:22:22 +09:00
blame.c doc txt & -h consistency: make "annotate" consistent 2022-10-13 09:32:57 -07:00
branch.c Merge branch 'rj/branch-copy-and-rename' into maint-2.39 2023-02-14 14:15:55 -08:00
bugreport.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
bundle.c Merge branch 'ab/bundle-wo-args' into maint-2.39 2023-02-14 14:15:50 -08:00
cat-file.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
check-attr.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
check-ignore.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
check-mailmap.c
check-ref-format.c check-ref-format: fix trivial memory leak 2022-07-01 11:43:42 -07:00
checkout--worker.c pkt-line.[ch]: remove unused packet_read_line_buf() 2021-10-15 13:09:40 -07:00
checkout-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
checkout.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
clean.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
clone.c Sync with 2.38.4 2023-02-06 09:43:39 +01:00
column.c column: fix parsing of the '--nl' option 2021-08-26 14:36:27 -07:00
commit-graph.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
commit-tree.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
commit.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
config.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
count-objects.c i18n: remove from i18n strings that do not hold translatable parts 2022-02-04 13:58:28 -08:00
credential-cache--daemon.c doc txt & -h consistency: use "git foo" form, not "git-foo" 2022-10-13 09:32:57 -07:00
credential-cache.c credential-cache: check for windows specific errors 2021-09-14 09:30:54 -07:00
credential-store.c Use a better name for the function interpolating paths 2021-07-26 12:17:16 -07:00
credential.c doc: fix git credential synopsis 2021-10-28 09:57:09 -07:00
describe.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diagnose.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
diff-files.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-tree.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
difftool.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
env--helper.c parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options 2022-08-19 11:13:14 -07:00
fast-export.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
fast-import.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
fetch-pack.c list-objects-filter: add and use initializers 2022-09-12 08:38:59 -07:00
fetch.c Merge branch 'rs/no-more-run-command-v' 2022-11-08 17:15:12 -05:00
fmt-merge-msg.c merge: allow to pretend a merge is made into a different branch 2021-12-20 14:55:02 -08:00
for-each-ref.c for-each-ref: delay parsing of --sort=<atom> options 2021-10-20 14:33:07 -07:00
for-each-repo.c for-each-repo: interpolate repo path arguments 2022-11-14 22:39:25 -05:00
fsck.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
fsmonitor--daemon.c Merge branch 'ah/fsmonitor-daemon-usage-non-l10n' into maint-2.38 2022-10-25 17:11:33 -07:00
gc.c Merge branch 'rp/maintenance-qol' 2022-11-23 11:22:24 +09:00
get-tar-commit-id.c
grep.c builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS" 2022-11-21 12:06:14 +09:00
hash-object.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
help.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
hook.c builtin/hook.c: let parse-options parse subcommands 2022-08-19 11:13:15 -07:00
index-pack.c i18n: fix mismatched camelCase config variables 2022-06-17 10:38:26 -07:00
init-db.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
interpret-trailers.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
log.c builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS" 2022-11-21 12:06:14 +09:00
ls-files.c ls-files: fix black space in error message 2022-09-12 09:25:40 -07:00
ls-remote.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
ls-tree.c Merge branch 'rs/ls-tree-path-expansion-fix' into maint-2.39 2023-02-14 14:15:52 -08:00
mailinfo.c
mailsplit.c Merge branch 'ep/maint-equals-null-cocci' 2022-05-20 15:26:59 -07:00
merge-base.c doc txt & -h consistency: make output order consistent 2022-10-13 09:32:56 -07:00
merge-file.c merge-file: fix memory leaks on error path 2022-07-01 11:43:43 -07:00
merge-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-ours.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-recursive.c gettext API users: don't explicitly cast ngettext()'s "n" 2022-03-07 11:57:52 -08:00
merge-tree.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
merge.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
mktag.c Merge branch 'ab/object-file-api-updates' 2022-03-16 17:53:08 -07:00
mktree.c mktree: do not check type of remote objects 2022-06-21 10:12:15 -07:00
multi-pack-index.c multi-pack-index: avoid writing to global in option callback 2022-10-06 09:56:51 -07:00
mv.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
name-rev.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
notes.c notes: avoid empty line in template 2022-11-16 14:57:32 -05:00
pack-objects.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
pack-redundant.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
pack-refs.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
patch-id.c builtin: patch-id: remove unused diff-tree prefix 2022-10-24 15:44:20 -07:00
prune-packed.c i18n: remove from i18n strings that do not hold translatable parts 2022-02-04 13:58:28 -08:00
prune.c prune: quiet ENOENT on missing directories 2022-11-21 15:58:54 +09:00
pull.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
push.c Doc: document push.recurseSubmodules=only 2022-11-14 16:55:50 -05:00
range-diff.c range-diff: optionally accept pathspecs 2022-08-26 09:49:26 -07:00
read-tree.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
rebase.c Merge branch 'ab/fewer-the-index-macros' 2022-11-28 12:13:46 +09:00
receive-pack.c receive-pack: only use visible refs for connectivity check 2022-11-17 16:22:52 -05:00
reflog.c refs: unify parse_worktree_ref() and ref_type() 2022-09-19 11:11:11 -07:00
remote-ext.c
remote-fd.c
remote.c Merge branch 'rs/no-more-run-command-v' 2022-11-08 17:15:12 -05:00
repack.c Merge branch 'tb/repack-expire-to' 2022-11-18 18:43:09 -05:00
replace.c refs: use ref_namespaces for replace refs base 2022-08-05 14:13:12 -07:00
rerere.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
reset.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
rev-list.c Merge branch 'ps/receive-use-only-advertised' 2022-11-23 11:22:25 +09:00
rev-parse.c Merge branch 'ab/fewer-the-index-macros' 2022-11-28 12:13:46 +09:00
revert.c i18n: fix command template placeholder format 2022-11-27 10:29:44 +09:00
rm.c Merge branch 'ab/fewer-the-index-macros' 2022-11-28 12:13:46 +09:00
send-pack.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
shortlog.c shortlog: implement --group=committer in terms of --group=<format> 2022-10-24 14:48:05 -07:00
show-branch.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
show-index.c
show-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
sparse-checkout.c doc txt & -h consistency: use "<options>", not "<options>..." 2022-10-13 09:32:55 -07:00
stash.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
stripspace.c i18n: remove from i18n strings that do not hold translatable parts 2022-02-04 13:58:28 -08:00
submodule--helper.c clone: prevent clashing git dirs when cloning submodule in parallel 2024-04-17 22:30:01 +02:00
symbolic-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
unpack-file.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
unpack-objects.c unpack-objects: use stream_loose_object() to unpack large objects 2022-06-13 10:22:36 -07:00
update-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
update-ref.c update-ref: fix streaming of status updates 2021-09-03 11:35:15 -07:00
update-server-info.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
upload-archive.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
upload-pack.c upload-pack: disable lazy-fetching by default 2024-04-17 22:29:56 +02:00
var.c var: add GIT_DEFAULT_BRANCH variable 2021-11-03 13:25:36 -07:00
verify-commit.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
verify-pack.c doc txt & -h consistency: add or fix optional "--" syntax 2022-10-13 09:32:56 -07:00
verify-tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
worktree.c doc txt & -h consistency: make "worktree" consistent 2022-10-13 09:32:58 -07:00
write-tree.c