ee27ca4a78
Usually git is careful not to allow clients to fetch arbitrary objects from the database; for example, objects received via upload-pack must be reachable from a ref. Upload-archive breaks this by feeding the client's tree-ish directly to get_sha1, which will accept arbitrary hex sha1s, reflogs, etc. This is not a problem if all of your objects are publicly reachable anyway (or at least public to anybody who can run upload-archive). Or if you are making the repo available by dumb protocols like http or rsync (in which case the client can read your whole object db directly). But for sites which allow access only through smart protocols, clients may be able to fetch trees from commits that exist in the server's object database but are not referenced (e.g., because history was rewound). This patch tightens upload-archive's lookup to use dwim_ref rather than get_sha1. This means a remote client can only fetch the tip of a named ref, not an arbitrary sha1 or reflog entry. This also restricts some legitimate requests, too: 1. Reachable non-tip commits, like: git archive --remote=$url v1.0~5 2. Sub-trees of reachable commits, like: git archive --remote=$url v1.7.7:Documentation Local requests continue to use get_sha1, and are not restricted at all. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
#ifndef ARCHIVE_H
#define ARCHIVE_H
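/*
 * Arguments passed to an archiver's write_archive callback and to
 * write_archive_entries().
 *
 * This header only declares the fields; the notes below that go beyond
 * the declarations are marked as assumptions to confirm in archive.c.
 */
struct archiver_args {
	/* Path prefix and its length; presumably prepended to every
	 * entry name in the archive -- TODO confirm. */
	const char *base;
	size_t baselen;

	/* Tree whose contents are archived. */
	struct tree *tree;

	/*
	 * Commit the tree was resolved from, as a raw SHA-1 and as a
	 * commit object.
	 * NOTE(review): both are presumably NULL when the requested
	 * tree-ish names a tree rather than a commit -- confirm before
	 * dereferencing in a new archiver backend.
	 */
	const unsigned char *commit_sha1;
	const struct commit *commit;

	/* Timestamp for the archive; presumably used as entry mtime. */
	time_t time;

	/* Path limiters; presumably a NULL-terminated list -- TODO confirm. */
	const char **pathspec;

	/* One-bit option flags. */
	unsigned int verbose : 1;
	unsigned int worktree_attributes : 1;

	/* Requested compression level; see ARCHIVER_WANT_COMPRESSION_LEVELS. */
	int compression_level;
};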
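/*
 * Flag bits; presumably OR-ed into struct archiver.flags (the values are
 * distinct powers of two).
 *
 * ARCHIVER_WANT_COMPRESSION_LEVELS: the archiver accepts a compression
 * level (see archiver_args.compression_level).
 *
 * ARCHIVER_REMOTE: NOTE(review): presumably marks an archiver as usable
 * for requests that arrive from a remote client; the check itself is not
 * in this header -- confirm in archive.c before relying on it as an
 * access control.
 */
#define ARCHIVER_WANT_COMPRESSION_LEVELS 1
#define ARCHIVER_REMOTE 2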
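/*
 * Description of one archive backend, handed to register_archiver().
 */
struct archiver {
	/* Format name; presumably what a caller selects the backend by. */
	const char *name;

	/* Entry point that produces the archive for the given arguments.
	 * Return-value convention is not visible here -- TODO confirm. */
	int (*write_archive)(const struct archiver *, struct archiver_args *);

	/* Bit set; presumably built from the ARCHIVER_* constants. */
	unsigned flags;

	/* Opaque backend-private pointer; ownership is not defined here. */
	void *data;
};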
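/* Add an archiver backend to the set known to write_archive(). */
extern void register_archiver(struct archiver *);

/* Set up the built-in tar and zip backends (presumably by registering
 * them -- confirm in archive-tar.c / archive-zip.c). */
extern void init_tar_archiver(void);
extern void init_zip_archiver(void);

/*
 * Per-entry callback type used by write_archive_entries(): receives the
 * archiver arguments, the object's SHA-1, its path and path length, the
 * mode, and a buffer with its size.
 * NOTE(review): whether buffer may be NULL (e.g. for directories) and
 * who owns it is not visible in this header -- confirm before use.
 */
typedef int (*write_archive_entry_fn_t)(struct archiver_args *args, const unsigned char *sha1, const char *path, size_t pathlen, unsigned int mode, void *buffer, unsigned long size);

/* Walk the entries selected by args and hand each one to write_entry. */
extern int write_archive_entries(struct archiver_args *args, write_archive_entry_fn_t write_entry);

/*
 * Top-level entry point for producing an archive from command-line style
 * arguments.
 *
 * remote: nonzero when the request is served on behalf of a remote
 * client. Per the commit message that accompanies this revision, remote
 * requests are meant to resolve the tree-ish with dwim_ref (tip of a
 * named ref only), while local requests keep using get_sha1. That
 * restriction lives in the implementation, not in this header; callers
 * that serve untrusted clients must pass remote != 0 for it to apply --
 * confirm against archive.c.
 *
 * NOTE(review): the meaning of setup_prefix and name_hint is not visible
 * here; name_hint presumably feeds archive_format_from_filename().
 */
extern int write_archive(int argc, const char **argv, const char *prefix, int setup_prefix, const char *name_hint, int remote);

/* Map a file name to an archive format name; the return value for an
 * unrecognised name is not visible here -- TODO confirm. */
const char *archive_format_from_filename(const char *filename);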
#endif /* ARCHIVE_H */