diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2024-04-17 11:39:09 +0200 |
|---|---|---|
| committer | Johannes Schindelin <johannes.schindelin@gmx.de> | 2024-04-19 12:38:46 +0200 |
| commit | be348e9815285636789dccd4aef85b5bab5f8557 (patch) | |
| tree | bd023d59de3cf65a2ab9d5b075859bcce6557d8e /setup.h | |
| parent | Git 2.42.1 (diff) | |
| parent | Git 2.41.1 (diff) | |
| download | git-be348e9815285636789dccd4aef85b5bab5f8557.tar.xz git-be348e9815285636789dccd4aef85b5bab5f8557.zip | |
Sync with 2.41.1
* maint-2.41: (38 commits)
Git 2.41.1
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
t7423: add tests for symlinked submodule directories
has_dir_name(): do not get confused by characters < '/'
docs: document security issues around untrusted .git dirs
...
Diffstat (limited to 'setup.h')
| -rw-r--r-- | setup.h | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -41,6 +41,18 @@ const char *read_gitfile_gently(const char *path, int *return_error_code); const char *resolve_gitdir_gently(const char *suspect, int *return_error_code); #define resolve_gitdir(path) resolve_gitdir_gently((path), NULL) +/* + * Check if a repository is safe and die if it is not, by verifying the + * ownership of the worktree (if any), the git directory, and the gitfile (if + * any). + * + * Exemptions for known-safe repositories can be added via `safe.directory` + * config settings; for non-bare repositories, their worktree needs to be + * added, for bare ones their git directory. + */ +void die_upon_dubious_ownership(const char *gitfile, const char *worktree, + const char *gitdir); + void setup_work_tree(void); /* @@ -169,6 +181,8 @@ int verify_repository_format(const struct repository_format *format, */ void check_repository_format(struct repository_format *fmt); +const char *get_template_dir(const char *option_template); + #define INIT_DB_QUIET 0x0001 #define INIT_DB_EXIST_OK 0x0002 |