admin/git
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d1bb66a546b4bb46005d17ba711caaad26f26c1e
git/builtin
History
Patrick Steinhardt d1bb66a546 builtin/clone: abort when hardlinked source and target file differ 
When performing local clones with hardlinks we refuse to copy source
files which are symlinks as a mitigation for CVE-2022-39253. This check
can be raced by an adversary though by changing the file to a symlink
after we have checked it.

Fix the issue by checking whether the hardlinked destination file
matches the source file and abort in case it doesn't.

This addresses CVE-2024-32021.

Reported-by: Apple Product Security <product-security@apple.com>
Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org>
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2024-04-17 00:01:25 +02:00
..
add.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
am.c
Merge branch 'rs/am-parse-options-cleanup' into maint-2.39
2023-02-14 14:15:56 -08:00
annotate.c
apply.c
apply.c: remove unnecessary include
2022-04-06 09:42:14 -07:00
archive.c
parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options
2022-08-19 11:13:14 -07:00
bisect--helper.c
Merge branch 'dd/bisect-helper-subcommand'
2022-11-23 11:22:22 +09:00
blame.c
doc txt & -h consistency: make "annotate" consistent
2022-10-13 09:32:57 -07:00
branch.c
Merge branch 'rj/branch-copy-and-rename' into maint-2.39
2023-02-14 14:15:55 -08:00
bugreport.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
bundle.c
Merge branch 'ab/bundle-wo-args' into maint-2.39
2023-02-14 14:15:50 -08:00
cat-file.c
{builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE"
2022-11-21 12:06:15 +09:00
check-attr.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
check-ignore.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
check-mailmap.c
check-ref-format.c
check-ref-format: fix trivial memory leak
2022-07-01 11:43:42 -07:00
checkout--worker.c
pkt-line.[ch]: remove unused packet_read_line_buf()
2021-10-15 13:09:40 -07:00
checkout-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
checkout.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
clean.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
clone.c
builtin/clone: abort when hardlinked source and target file differ
2024-04-17 00:01:25 +02:00
column.c
column: fix parsing of the '--nl' option
2021-08-26 14:36:27 -07:00
commit-graph.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
commit-tree.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
commit.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
config.c
git-compat-util.h: use "UNUSED", not "UNUSED(var)"
2022-09-01 10:49:48 -07:00
count-objects.c
i18n: remove from i18n strings that do not hold translatable parts
2022-02-04 13:58:28 -08:00
credential-cache--daemon.c
doc txt & -h consistency: use "git foo" form, not "git-foo"
2022-10-13 09:32:57 -07:00
credential-cache.c
credential-cache: check for windows specific errors
2021-09-14 09:30:54 -07:00
credential-store.c
Use a better name for the function interpolating paths
2021-07-26 12:17:16 -07:00
credential.c
doc: fix git credential synopsis
2021-10-28 09:57:09 -07:00
describe.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diagnose.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
diff-files.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diff-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diff-tree.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diff.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
difftool.c
{builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE"
2022-11-21 12:06:15 +09:00
env--helper.c
parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options
2022-08-19 11:13:14 -07:00
fast-export.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
fast-import.c
git-compat-util.h: use "UNUSED", not "UNUSED(var)"
2022-09-01 10:49:48 -07:00
fetch-pack.c
list-objects-filter: add and use initializers
2022-09-12 08:38:59 -07:00
fetch.c
Merge branch 'rs/no-more-run-command-v'
2022-11-08 17:15:12 -05:00
fmt-merge-msg.c
merge: allow to pretend a merge is made into a different branch
2021-12-20 14:55:02 -08:00
for-each-ref.c
for-each-ref: delay parsing of --sort=<atom> options
2021-10-20 14:33:07 -07:00
for-each-repo.c
for-each-repo: interpolate repo path arguments
2022-11-14 22:39:25 -05:00
fsck.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
fsmonitor--daemon.c
Merge branch 'ah/fsmonitor-daemon-usage-non-l10n' into maint-2.38
2022-10-25 17:11:33 -07:00
gc.c
Merge branch 'rp/maintenance-qol'
2022-11-23 11:22:24 +09:00
get-tar-commit-id.c
grep.c
builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS"
2022-11-21 12:06:14 +09:00
hash-object.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
help.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
hook.c
builtin/hook.c: let parse-options parse subcommands
2022-08-19 11:13:15 -07:00
index-pack.c
i18n: fix mismatched camelCase config variables
2022-06-17 10:38:26 -07:00
init-db.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
interpret-trailers.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
log.c
builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS"
2022-11-21 12:06:14 +09:00
ls-files.c
ls-files: fix black space in error message
2022-09-12 09:25:40 -07:00
ls-remote.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
ls-tree.c
Merge branch 'rs/ls-tree-path-expansion-fix' into maint-2.39
2023-02-14 14:15:52 -08:00
mailinfo.c
mailsplit.c
Merge branch 'ep/maint-equals-null-cocci'
2022-05-20 15:26:59 -07:00
merge-base.c
doc txt & -h consistency: make output order consistent
2022-10-13 09:32:56 -07:00
merge-file.c
merge-file: fix memory leaks on error path
2022-07-01 11:43:43 -07:00
merge-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
merge-ours.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
merge-recursive.c
gettext API users: don't explicitly cast ngettext()'s "n"
2022-03-07 11:57:52 -08:00
merge-tree.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
merge.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
mktag.c
Merge branch 'ab/object-file-api-updates'
2022-03-16 17:53:08 -07:00
mktree.c
mktree: do not check type of remote objects
2022-06-21 10:12:15 -07:00
multi-pack-index.c
multi-pack-index: avoid writing to global in option callback
2022-10-06 09:56:51 -07:00
mv.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
name-rev.c
git-compat-util.h: use "UNUSED", not "UNUSED(var)"
2022-09-01 10:49:48 -07:00
notes.c
notes: avoid empty line in template
2022-11-16 14:57:32 -05:00
pack-objects.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
pack-redundant.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
pack-refs.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
patch-id.c
builtin: patch-id: remove unused diff-tree prefix
2022-10-24 15:44:20 -07:00
prune-packed.c
i18n: remove from i18n strings that do not hold translatable parts
2022-02-04 13:58:28 -08:00
prune.c
prune: quiet ENOENT on missing directories
2022-11-21 15:58:54 +09:00
pull.c
{builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE"
2022-11-21 12:06:15 +09:00
push.c
Doc: document push.recurseSubmodules=only
2022-11-14 16:55:50 -05:00
range-diff.c
range-diff: optionally accept pathspecs
2022-08-26 09:49:26 -07:00
read-tree.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
rebase.c
Merge branch 'ab/fewer-the-index-macros'
2022-11-28 12:13:46 +09:00
receive-pack.c
receive-pack: only use visible refs for connectivity check
2022-11-17 16:22:52 -05:00
reflog.c
refs: unify parse_worktree_ref() and ref_type()
2022-09-19 11:11:11 -07:00
remote-ext.c
remote-fd.c
remote.c
Merge branch 'rs/no-more-run-command-v'
2022-11-08 17:15:12 -05:00
repack.c
Merge branch 'tb/repack-expire-to'
2022-11-18 18:43:09 -05:00
replace.c
refs: use ref_namespaces for replace refs base
2022-08-05 14:13:12 -07:00
rerere.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
reset.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
rev-list.c
Merge branch 'ps/receive-use-only-advertised'
2022-11-23 11:22:25 +09:00
rev-parse.c
Merge branch 'ab/fewer-the-index-macros'
2022-11-28 12:13:46 +09:00
revert.c
i18n: fix command template placeholder format
2022-11-27 10:29:44 +09:00
rm.c
Merge branch 'ab/fewer-the-index-macros'
2022-11-28 12:13:46 +09:00
send-pack.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
shortlog.c
shortlog: implement --group=committer in terms of --group=<format>
2022-10-24 14:48:05 -07:00
show-branch.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
show-index.c
show-ref.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
sparse-checkout.c
doc txt & -h consistency: use "<options>", not "<options>..."
2022-10-13 09:32:55 -07:00
stash.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
stripspace.c
i18n: remove from i18n strings that do not hold translatable parts
2022-02-04 13:58:28 -08:00
submodule--helper.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
symbolic-ref.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
tag.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
unpack-file.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
unpack-objects.c
unpack-objects: use stream_loose_object() to unpack large objects
2022-06-13 10:22:36 -07:00
update-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
update-ref.c
update-ref: fix streaming of status updates
2021-09-03 11:35:15 -07:00
update-server-info.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
upload-archive.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
upload-pack.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
var.c
var: add GIT_DEFAULT_BRANCH variable
2021-11-03 13:25:36 -07:00
verify-commit.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
verify-pack.c
doc txt & -h consistency: add or fix optional "--" syntax
2022-10-13 09:32:56 -07:00
verify-tag.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
worktree.c
doc txt & -h consistency: make "worktree" consistent
2022-10-13 09:32:58 -07:00
write-tree.c