mirror of https://github.com/git/git synced 2024-07-05 00:58:49 +00:00
git/builtin
Johannes Schindelin eafffd9ad4 clone_submodule: avoid using access() on directories
In 0060fd1511 (clone --recurse-submodules: prevent name squatting on
Windows, 2019-09-12), I introduced code to verify that a git dir either
does not exist, or is at least empty, to fend off attacks where an
inadvertently (and likely maliciously) pre-populated git dir would be
used while cloning submodules recursively.

The logic used `access(<path>, X_OK)` to verify that a directory exists
before calling `is_empty_dir()` on it. That is a curious way to check
for a directory's existence and might well fail for unwanted reasons.
Even the original author (it was I ;-) ) struggles to explain why this
function was used rather than `stat()`.

This code was _almost_ copypastad in the previous commit, but that
`access()` call was caught during review.

Let's use `stat()` instead also in the code that was almost copied
verbatim. Let's not use `lstat()` because in the unlikely event that
somebody snuck a symbolic link in, pointing to a crafted directory, we
want to verify that that directory is empty.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2024-04-17 22:30:03 +02:00
add.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
am.c Merge branch 'rs/am-parse-options-cleanup' into maint-2.39 2023-02-14 14:15:56 -08:00
annotate.c
apply.c apply.c: remove unnecessary include 2022-04-06 09:42:14 -07:00
archive.c parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options 2022-08-19 11:13:14 -07:00
bisect--helper.c Merge branch 'dd/bisect-helper-subcommand' 2022-11-23 11:22:22 +09:00
blame.c doc txt & -h consistency: make "annotate" consistent 2022-10-13 09:32:57 -07:00
branch.c Merge branch 'rj/branch-copy-and-rename' into maint-2.39 2023-02-14 14:15:55 -08:00
bugreport.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
bundle.c Merge branch 'ab/bundle-wo-args' into maint-2.39 2023-02-14 14:15:50 -08:00
cat-file.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
check-attr.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
check-ignore.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
check-mailmap.c
check-ref-format.c check-ref-format: fix trivial memory leak 2022-07-01 11:43:42 -07:00
checkout--worker.c pkt-line.[ch]: remove unused packet_read_line_buf() 2021-10-15 13:09:40 -07:00
checkout-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
checkout.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
clean.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
clone.c Sync with 2.38.4 2023-02-06 09:43:39 +01:00
column.c column: fix parsing of the '--nl' option 2021-08-26 14:36:27 -07:00
commit-graph.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
commit-tree.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
commit.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
config.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
count-objects.c i18n: remove from i18n strings that do not hold translatable parts 2022-02-04 13:58:28 -08:00
credential-cache--daemon.c doc txt & -h consistency: use "git foo" form, not "git-foo" 2022-10-13 09:32:57 -07:00
credential-cache.c credential-cache: check for windows specific errors 2021-09-14 09:30:54 -07:00
credential-store.c Use a better name for the function interpolating paths 2021-07-26 12:17:16 -07:00
credential.c doc: fix git credential synopsis 2021-10-28 09:57:09 -07:00
describe.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diagnose.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
diff-files.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-tree.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
difftool.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
env--helper.c parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options 2022-08-19 11:13:14 -07:00
fast-export.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
fast-import.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
fetch-pack.c list-objects-filter: add and use initializers 2022-09-12 08:38:59 -07:00
fetch.c Merge branch 'rs/no-more-run-command-v' 2022-11-08 17:15:12 -05:00
fmt-merge-msg.c merge: allow to pretend a merge is made into a different branch 2021-12-20 14:55:02 -08:00
for-each-ref.c for-each-ref: delay parsing of --sort=<atom> options 2021-10-20 14:33:07 -07:00
for-each-repo.c for-each-repo: interpolate repo path arguments 2022-11-14 22:39:25 -05:00
fsck.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
fsmonitor--daemon.c Merge branch 'ah/fsmonitor-daemon-usage-non-l10n' into maint-2.38 2022-10-25 17:11:33 -07:00
gc.c Merge branch 'rp/maintenance-qol' 2022-11-23 11:22:24 +09:00
get-tar-commit-id.c
grep.c builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS" 2022-11-21 12:06:14 +09:00
hash-object.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
help.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
hook.c builtin/hook.c: let parse-options parse subcommands 2022-08-19 11:13:15 -07:00
index-pack.c i18n: fix mismatched camelCase config variables 2022-06-17 10:38:26 -07:00
init-db.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
interpret-trailers.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
log.c builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS" 2022-11-21 12:06:14 +09:00
ls-files.c ls-files: fix black space in error message 2022-09-12 09:25:40 -07:00
ls-remote.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
ls-tree.c Merge branch 'rs/ls-tree-path-expansion-fix' into maint-2.39 2023-02-14 14:15:52 -08:00
mailinfo.c
mailsplit.c Merge branch 'ep/maint-equals-null-cocci' 2022-05-20 15:26:59 -07:00
merge-base.c doc txt & -h consistency: make output order consistent 2022-10-13 09:32:56 -07:00
merge-file.c merge-file: fix memory leaks on error path 2022-07-01 11:43:43 -07:00
merge-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-ours.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-recursive.c gettext API users: don't explicitly cast ngettext()'s "n" 2022-03-07 11:57:52 -08:00
merge-tree.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
merge.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
mktag.c Merge branch 'ab/object-file-api-updates' 2022-03-16 17:53:08 -07:00
mktree.c mktree: do not check type of remote objects 2022-06-21 10:12:15 -07:00
multi-pack-index.c multi-pack-index: avoid writing to global in option callback 2022-10-06 09:56:51 -07:00
mv.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
name-rev.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
notes.c notes: avoid empty line in template 2022-11-16 14:57:32 -05:00
pack-objects.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
pack-redundant.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
pack-refs.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
patch-id.c builtin: patch-id: remove unused diff-tree prefix 2022-10-24 15:44:20 -07:00
prune-packed.c i18n: remove from i18n strings that do not hold translatable parts 2022-02-04 13:58:28 -08:00
prune.c prune: quiet ENOENT on missing directories 2022-11-21 15:58:54 +09:00
pull.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
push.c Doc: document push.recurseSubmodules=only 2022-11-14 16:55:50 -05:00
range-diff.c range-diff: optionally accept pathspecs 2022-08-26 09:49:26 -07:00
read-tree.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
rebase.c Merge branch 'ab/fewer-the-index-macros' 2022-11-28 12:13:46 +09:00
receive-pack.c receive-pack: only use visible refs for connectivity check 2022-11-17 16:22:52 -05:00
reflog.c refs: unify parse_worktree_ref() and ref_type() 2022-09-19 11:11:11 -07:00
remote-ext.c
remote-fd.c
remote.c Merge branch 'rs/no-more-run-command-v' 2022-11-08 17:15:12 -05:00
repack.c Merge branch 'tb/repack-expire-to' 2022-11-18 18:43:09 -05:00
replace.c refs: use ref_namespaces for replace refs base 2022-08-05 14:13:12 -07:00
rerere.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
reset.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
rev-list.c Merge branch 'ps/receive-use-only-advertised' 2022-11-23 11:22:25 +09:00
rev-parse.c Merge branch 'ab/fewer-the-index-macros' 2022-11-28 12:13:46 +09:00
revert.c i18n: fix command template placeholder format 2022-11-27 10:29:44 +09:00
rm.c Merge branch 'ab/fewer-the-index-macros' 2022-11-28 12:13:46 +09:00
send-pack.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
shortlog.c shortlog: implement --group=committer in terms of --group=<format> 2022-10-24 14:48:05 -07:00
show-branch.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
show-index.c
show-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
sparse-checkout.c doc txt & -h consistency: use "<options>", not "<options>..." 2022-10-13 09:32:55 -07:00
stash.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
stripspace.c i18n: remove from i18n strings that do not hold translatable parts 2022-02-04 13:58:28 -08:00
submodule--helper.c clone_submodule: avoid using access() on directories 2024-04-17 22:30:03 +02:00
symbolic-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
unpack-file.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
unpack-objects.c unpack-objects: use stream_loose_object() to unpack large objects 2022-06-13 10:22:36 -07:00
update-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
update-ref.c update-ref: fix streaming of status updates 2021-09-03 11:35:15 -07:00
update-server-info.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
upload-archive.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
upload-pack.c upload-pack: disable lazy-fetching by default 2024-04-17 22:29:56 +02:00
var.c var: add GIT_DEFAULT_BRANCH variable 2021-11-03 13:25:36 -07:00
verify-commit.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
verify-pack.c doc txt & -h consistency: add or fix optional "--" syntax 2022-10-13 09:32:56 -07:00
verify-tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
worktree.c doc txt & -h consistency: make "worktree" consistent 2022-10-13 09:32:58 -07:00
write-tree.c