fsck: detect submodule urls starting with dash Urls with leading dashes can cause mischief on older versions of Git. We should detect them so that they can be rejected by receive.fsckObjects, preventing modern versions of git from being a vector by which attacks can spread. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit: a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46 [log] [tgz]
author: Jeff King <peff@peff.net> Mon Sep 24 04:37:17 2018 -0400
committer: Junio C Hamano <gitster@pobox.com> Thu Sep 27 11:41:26 2018 -0700
tree: b2feaba2c06781e934d4888f89a1dbe632a49777
parent: e43aab778c72250e11eb00e31dc6be90072a1637 [diff] [blame]
diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
index 459193c..1cd2c1c 100755
--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh

@@ -20,6 +20,13 @@
 	test_cmp expect actual
 '
 
+test_expect_success 'fsck accepts protected dash' '
+	test_when_finished "rm -rf dst" &&
+	git init --bare dst &&
+	git -C dst config transfer.fsckObjects true &&
+	git push dst HEAD
+'
+
 test_expect_success 'remove ./ protection from .gitmodules url' '
 	perl -i -pe "s{\./}{}" .gitmodules &&
 	git commit -am "drop protection"
@@ -31,4 +38,12 @@
 	test_i18ngrep ignoring err
 '
 
+test_expect_success 'fsck rejects unprotected dash' '
+	test_when_finished "rm -rf dst" &&
+	git init --bare dst &&
+	git -C dst config transfer.fsckObjects true &&
+	test_must_fail git push dst HEAD 2>err &&
+	grep gitmodulesUrl err
+'
+
 test_done
commit	a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46	[log] [tgz]
author	Jeff King <peff@peff.net>	Mon Sep 24 04:37:17 2018 -0400
committer	Junio C Hamano <gitster@pobox.com>	Thu Sep 27 11:41:26 2018 -0700
tree	b2feaba2c06781e934d4888f89a1dbe632a49777
parent	e43aab778c72250e11eb00e31dc6be90072a1637 [diff] [blame]