summaryrefslogtreecommitdiff
path: root/t/t9350-fast-export.sh
diff options
context:
space:
mode:
authorJohannes Schindelin <johannes.schindelin@gmx.de>2019-09-12 12:54:05 (GMT)
committerJohannes Schindelin <johannes.schindelin@gmx.de>2019-12-04 12:20:05 (GMT)
commite1d911dd4c7b76a5a8cec0f5c8de15981e34da83 (patch)
treec3e36cceeadde0713a1f154b075ca1176f1b4a8b /t/t9350-fast-export.sh
parent0060fd1511b94c918928fa3708f69a3f33895a4a (diff)
downloadgit-e1d911dd4c7b76a5a8cec0f5c8de15981e34da83.zip
git-e1d911dd4c7b76a5a8cec0f5c8de15981e34da83.tar.gz
git-e1d911dd4c7b76a5a8cec0f5c8de15981e34da83.tar.bz2
mingw: disallow backslash characters in tree objects' file names
The backslash character is not a valid part of a file name on Windows. Hence it is dangerous to allow writing files that were unpacked from tree objects, when the stored file name contains a backslash character: it will be misinterpreted as directory separator. This not only causes ambiguity when a tree contains a blob `a\b` and a tree `a` that contains a blob `b`, but it also can be used as part of an attack vector to side-step the careful protections against writing into the `.git/` directory during a clone of a maliciously-crafted repository. Let's prevent that, addressing CVE-2019-1354. Note: we guard against backslash characters in tree objects' file names _only_ on Windows (because on other platforms, even on those where NTFS volumes can be mounted, the backslash character is _not_ a directory separator), and _only_ when `core.protectNTFS = true` (because users might need to generate tree objects for other platforms, of course without touching the worktree, e.g. using `git update-index --cacheinfo`). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Diffstat (limited to 't/t9350-fast-export.sh')
-rwxr-xr-xt/t9350-fast-export.sh1
1 files changed, 1 insertions, 0 deletions
diff --git a/t/t9350-fast-export.sh b/t/t9350-fast-export.sh
index 866ddf6..e606207 100755
--- a/t/t9350-fast-export.sh
+++ b/t/t9350-fast-export.sh
@@ -421,6 +421,7 @@ test_expect_success 'directory becomes symlink' '
test_expect_success 'fast-export quotes pathnames' '
git init crazy-paths &&
+ test_config -C crazy-paths core.protectNTFS false &&
(cd crazy-paths &&
blob=$(echo foo | git hash-object -w --stdin) &&
git update-index --add \