Google Git
Sign in
googlers / jrn / git / c716fe4bd917e013bf376a678b3a924447777b2d
commitc716fe4bd917e013bf376a678b3a924447777b2d[log] [tgz]
authorJeff King <peff@peff.net>Thu Mar 12 01:31:11 2020 -0400
committerJeff King <peff@peff.net>Thu Mar 12 02:55:24 2020 -0400
tree3dd97595b4abbbc874446c479773357c25fa1a99
parent17f1c0b8c7e447aa62f85dc355bb48133d2812f2 [diff]
credential: detect unrepresentable values when parsing urls

The credential protocol can't represent newlines in values, but URLs can
embed percent-encoded newlines in various components. A previous commit
taught the low-level writing routines to die() when encountering this,
but we can be a little friendlier to the user by detecting them earlier
and handling them gracefully.

This patch teaches credential_from_url() to notice such components,
issue a warning, and blank the credential (which will generally result
in prompting the user for a username and password). We blank the whole
credential in this case. Another option would be to blank only the
invalid component. However, we're probably better off not feeding a
partially-parsed URL result to a credential helper. We don't know how a
given helper would handle it, so we're better off to err on the side of
matching nothing rather than something unexpected.

The die() call in credential_write() is _probably_ impossible to reach
after this patch. Values should end up in credential structs only by URL
parsing (which is covered here), or by reading credential protocol input
(which by definition cannot read a newline into a value). But we should
definitely keep the low-level check, as it's our final and most accurate
line of defense against protocol injection attacks. Arguably it could
become a BUG(), but it probably doesn't matter much either way.

Note that the public interface of credential_from_url() grows a little
more than we need here. We'll use the extra flexibility in a future
patch to help fsck catch these cases.
3 files changed
tree: 3dd97595b4abbbc874446c479773357c25fa1a99
  1. .github/
  2. block-sha1/
  3. builtin/
  4. ci/
  5. compat/
  6. contrib/
  7. Documentation/
  8. ewah/
  9. git-gui/
  10. gitk-git/
  11. gitweb/
  12. mergetools/
  13. perl/
  14. po/
  15. ppc/
  16. refs/
  17. sha1dc/
  18. t/
  19. templates/
  20. vcs-svn/
  21. xdiff/
  22. sha1collisiondetection
  23. RelNotesDocumentation/RelNotes/2.17.3.txt
  24. .clang-format
  25. .gitattributes
  26. .gitignore
  27. .gitmodules
  28. .mailmap
  29. .travis.yml
  30. .tsan-suppressions
  31. abspath.c
  32. aclocal.m4
  33. advice.c
  34. advice.h
  35. alias.c
  36. alloc.c
  37. apply.c
  38. apply.h
  39. archive-tar.c
  40. archive-zip.c
  41. archive.c
  42. archive.h
  43. argv-array.c
  44. argv-array.h
  45. attr.c
  46. attr.h
  47. base85.c
  48. bisect.c
  49. bisect.h
  50. blame.c
  51. blame.h
  52. blob.c
  53. blob.h
  54. branch.c
  55. branch.h
  56. builtin.h
  57. bulk-checkin.c
  58. bulk-checkin.h
  59. bundle.c
  60. bundle.h
  61. cache-tree.c
  62. cache-tree.h
  63. cache.h
  64. check-builtins.sh
  65. check-racy.c
  66. check_bindir
  67. checkout.c
  68. checkout.h
  69. color.c
  70. color.h
  71. column.c
  72. column.h
  73. combine-diff.c
  74. command-list.txt
  75. commit-slab.h
  76. commit.c
  77. commit.h
  78. common-main.c
  79. config.c
  80. config.h
  81. config.mak.in
  82. config.mak.uname
  83. configure.ac
  84. connect.c
  85. connect.h
  86. connected.c
  87. connected.h
  88. convert.c
  89. convert.h
  90. copy.c
  91. COPYING
  92. credential-cache--daemon.c
  93. credential-cache.c
  94. credential-store.c
  95. credential.c
  96. credential.h
  97. csum-file.c
  98. csum-file.h
  99. ctype.c
  100. daemon.c
  101. date.c
  102. decorate.c
  103. decorate.h
  104. delta.h
  105. diff-delta.c
  106. diff-lib.c
  107. diff-no-index.c
  108. diff.c
  109. diff.h
  110. diffcore-break.c
  111. diffcore-delta.c
  112. diffcore-order.c
  113. diffcore-pickaxe.c
  114. diffcore-rename.c
  115. diffcore.h
  116. dir-iterator.c
  117. dir-iterator.h
  118. dir.c
  119. dir.h
  120. editor.c
  121. entry.c
  122. environment.c
  123. exec_cmd.c
  124. exec_cmd.h
  125. fast-import.c
  126. fetch-object.c
  127. fetch-object.h
  128. fetch-pack.c
  129. fetch-pack.h
  130. fmt-merge-msg.h
  131. fsck.c
  132. fsck.h
  133. fsmonitor.c
  134. fsmonitor.h
  135. generate-cmdlist.sh
  136. gettext.c
  137. gettext.h
  138. git-add--interactive.perl
  139. git-archimport.perl
  140. git-bisect.sh
  141. git-compat-util.h
  142. git-cvsexportcommit.perl
  143. git-cvsimport.perl
  144. git-cvsserver.perl
  145. git-difftool--helper.sh
  146. git-filter-branch.sh
  147. git-instaweb.sh
  148. git-merge-octopus.sh
  149. git-merge-one-file.sh
  150. git-merge-resolve.sh
  151. git-mergetool--lib.sh
  152. git-mergetool.sh
  153. git-p4.py
  154. git-parse-remote.sh
  155. git-quiltimport.sh
  156. git-rebase--am.sh
  157. git-rebase--interactive.sh
  158. git-rebase--merge.sh
  159. git-rebase.sh
  160. git-remote-testgit.sh
  161. git-request-pull.sh
  162. git-send-email.perl
  163. git-sh-i18n.sh
  164. git-sh-setup.sh
  165. git-stash.sh
  166. git-submodule.sh
  167. git-svn.perl
  168. GIT-VERSION-GEN
  169. git-web--browse.sh
  170. git.c
  171. git.rc
  172. gpg-interface.c
  173. gpg-interface.h
  174. graph.c
  175. graph.h
  176. grep.c
  177. grep.h
  178. hash.h
  179. hashmap.c
  180. hashmap.h
  181. help.c
  182. help.h
  183. hex.c
  184. http-backend.c
  185. http-fetch.c
  186. http-push.c
  187. http-walker.c
  188. http.c
  189. http.h
  190. ident.c
  191. imap-send.c
  192. INSTALL
  193. iterator.h
  194. khash.h
  195. kwset.c
  196. kwset.h
  197. levenshtein.c
  198. levenshtein.h
  199. LGPL-2.1
  200. line-log.c
  201. line-log.h
  202. line-range.c
  203. line-range.h
  204. list-objects-filter-options.c
  205. list-objects-filter-options.h
  206. list-objects-filter.c
  207. list-objects-filter.h
  208. list-objects.c
  209. list-objects.h
  210. list.h
  211. ll-merge.c
  212. ll-merge.h
  213. lockfile.c
  214. lockfile.h
  215. log-tree.c
  216. log-tree.h
  217. mailinfo.c
  218. mailinfo.h
  219. mailmap.c
  220. mailmap.h
  221. Makefile
  222. match-trees.c
  223. merge-blobs.c
  224. merge-blobs.h
  225. merge-recursive.c
  226. merge-recursive.h
  227. merge.c
  228. mergesort.c
  229. mergesort.h
  230. name-hash.c
  231. notes-cache.c
  232. notes-cache.h
  233. notes-merge.c
  234. notes-merge.h
  235. notes-utils.c
  236. notes-utils.h
  237. notes.c
  238. notes.h
  239. object.c
  240. object.h
  241. oidmap.c
  242. oidmap.h
  243. oidset.c
  244. oidset.h
  245. pack-bitmap-write.c
  246. pack-bitmap.c
  247. pack-bitmap.h
  248. pack-check.c
  249. pack-objects.c
  250. pack-objects.h
  251. pack-revindex.c
  252. pack-revindex.h
  253. pack-write.c
  254. pack.h
  255. packfile.c
  256. packfile.h
  257. pager.c
  258. parse-options-cb.c
  259. parse-options.c
  260. parse-options.h
  261. patch-delta.c
  262. patch-ids.c
  263. patch-ids.h
  264. path.c
  265. path.h
  266. pathspec.c
  267. pathspec.h
  268. pkt-line.c
  269. pkt-line.h
  270. preload-index.c
  271. pretty.c
  272. pretty.h
  273. prio-queue.c
  274. prio-queue.h
  275. progress.c
  276. progress.h
  277. prompt.c
  278. prompt.h
  279. protocol.c
  280. protocol.h
  281. quote.c
  282. quote.h
  283. reachable.c
  284. reachable.h
  285. read-cache.c
  286. README.md
  287. ref-filter.c
  288. ref-filter.h
  289. reflog-walk.c
  290. reflog-walk.h
  291. refs.c
  292. refs.h
  293. remote-curl.c
  294. remote-testsvn.c
  295. remote.c
  296. remote.h
  297. replace_object.c
  298. repository.c
  299. repository.h
  300. rerere.c
  301. rerere.h
  302. resolve-undo.c
  303. resolve-undo.h
  304. revision.c
  305. revision.h
  306. run-command.c
  307. run-command.h
  308. send-pack.c
  309. send-pack.h
  310. sequencer.c
  311. sequencer.h
  312. server-info.c
  313. setup.c
  314. sh-i18n--envsubst.c
  315. sha1-array.c
  316. sha1-array.h
  317. sha1-lookup.c
  318. sha1-lookup.h
  319. sha1_file.c
  320. sha1_name.c
  321. sha1dc_git.c
  322. sha1dc_git.h
  323. shallow.c
  324. shell.c
  325. shortlog.h
  326. show-index.c
  327. sideband.c
  328. sideband.h
  329. sigchain.c
  330. sigchain.h
  331. split-index.c
  332. split-index.h
  333. strbuf.c
  334. strbuf.h
  335. streaming.c
  336. streaming.h
  337. string-list.c
  338. string-list.h
  339. sub-process.c
  340. sub-process.h
  341. submodule-config.c
  342. submodule-config.h
  343. submodule.c
  344. submodule.h
  345. symlinks.c
  346. tag.c
  347. tag.h
  348. tar.h
  349. tempfile.c
  350. tempfile.h
  351. thread-utils.c
  352. thread-utils.h
  353. tmp-objdir.c
  354. tmp-objdir.h
  355. trace.c
  356. trace.h
  357. trailer.c
  358. trailer.h
  359. transport-helper.c
  360. transport-internal.h
  361. transport.c
  362. transport.h
  363. tree-diff.c
  364. tree-walk.c
  365. tree-walk.h
  366. tree.c
  367. tree.h
  368. unicode_width.h
  369. unimplemented.sh
  370. unix-socket.c
  371. unix-socket.h
  372. unpack-trees.c
  373. unpack-trees.h
  374. upload-pack.c
  375. url.c
  376. url.h
  377. urlmatch.c
  378. urlmatch.h
  379. usage.c
  380. userdiff.c
  381. userdiff.h
  382. utf8.c
  383. utf8.h
  384. varint.c
  385. varint.h
  386. version.c
  387. version.h
  388. versioncmp.c
  389. walker.c
  390. walker.h
  391. wildmatch.c
  392. wildmatch.h
  393. worktree.c
  394. worktree.h
  395. wrap-for-bin.sh
  396. wrapper.c
  397. write_or_die.c
  398. ws.c
  399. wt-status.c
  400. wt-status.h
  401. xdiff-interface.c
  402. xdiff-interface.h
  403. zlib.c
README.md

Git - fast, scalable, distributed revision control system

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals.

Git is an Open Source project covered by the GNU General Public License version 2 (some parts of it are under different licenses, compatible with the GPLv2). It was originally written by Linus Torvalds with help of a group of hackers around the net.

Please read the file INSTALL for installation instructions.

Many Git online resources are accessible from https://git-scm.com/ including full documentation and Git related tools.

See Documentation/gittutorial.txt to get started, then see Documentation/giteveryday.txt for a useful minimum set of commands, and Documentation/git-.txt for documentation of each command. If git has been correctly installed, then the tutorial can also be read with man gittutorial or git help tutorial, and the documentation of each command with man git-<commandname> or git help <commandname>.

CVS users may also want to read Documentation/gitcvs-migration.txt (man gitcvs-migration or git help cvs-migration if git is installed).

The user discussion and development of Git take place on the Git mailing list -- everyone is welcome to post bug reports, feature requests, comments and patches to git@vger.kernel.org (read Documentation/SubmittingPatches for instructions on patch submission). To subscribe to the list, send an email with just “subscribe git” in the body to majordomo@vger.kernel.org. The mailing list archives are available at https://public-inbox.org/git/, http://marc.info/?l=git and other archival sites.

The maintainer frequently sends the “What's cooking” reports that list the current status of various development topics to the mailing list. The discussion following them give a good reference for project status, development direction and remaining tasks.

The name “git” was given by Linus Torvalds when he wrote the very first version. He described the tool as “the stupid content tracker” and the name as (depending on your mood):

  • random three-letter combination that is pronounceable, and not actually used by any common UNIX command. The fact that it is a mispronunciation of “get” may or may not be relevant.
  • stupid. contemptible and despicable. simple. Take your pick from the dictionary of slang.
  • “global information tracker”: you're in a good mood, and it actually works for you. Angels sing, and a light suddenly fills the room.
  • “goddamn idiotic truckload of sh*t”: when it breaks