git/builtin
Derrick Stolee b6551feadf merge-tree: load default git config
The 'git merge-tree' command handles creating root trees for merges
without using the worktree. This is a critical operation in many Git
hosts, as they typically store bare repositories.

This builtin does not load the default Git config, which can have
several important ramifications.

In particular, one config that is loaded by default is
core.useReplaceRefs. This is typically disabled in Git hosts due to
the ability to spoof commits in strange ways.

Since this config is not loaded specifically during merge-tree, users
were previously able to use refs/replace/ references to make pull
requests that looked valid but introduced malicious content. The
resulting merge commit would have the correct commit history, but the
malicious content would exist in the root tree of the merge.

The fix is simple: load the default Git config in cmd_merge_tree().
This may also fix other behaviors that are affected by reading default
config. The only possible downside is a little extra computation time
spent reading config. The config parsing is placed after basic argument
parsing so it does not slow down usage errors.

Helped-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Derrick Stolee <derrickstolee@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2023-05-10 12:20:44 -07:00
add.c add API: remove run_add_interactive() wrapper function 2023-02-06 15:03:34 -08:00
am.c Merge branch 'ab/hook-api-with-stdin' 2023-02-22 14:55:45 -08:00
annotate.c
apply.c
archive.c
bisect.c bisect: remove Cogito-related code 2023-01-13 14:17:14 -08:00
blame.c doc txt & -h consistency: make "annotate" consistent 2022-10-13 09:32:57 -07:00
branch.c Merge branch 'rj/branch-copy-and-rename' 2022-12-19 11:46:18 +09:00
bugreport.c built-ins: use free() not UNLEAK() if trivial, rm dead code 2022-11-21 12:32:48 +09:00
bundle.c Merge branch 'ab/bundle-wo-args' 2023-01-05 15:07:22 +09:00
cat-file.c Merge branch 'sa/cat-file-mailmap--batch-check' 2023-01-05 15:07:17 +09:00
check-attr.c attr: add flag `--source` to work with tree-ish 2023-01-14 08:49:55 -08:00
check-ignore.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
check-mailmap.c
check-ref-format.c
checkout--worker.c
checkout-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
checkout.c add API: remove run_add_interactive() wrapper function 2023-02-06 15:03:34 -08:00
clean.c Merge branch 'ab/various-leak-fixes' 2023-02-22 14:55:45 -08:00
clone.c Merge branch 'ab/various-leak-fixes' 2023-02-22 14:55:45 -08:00
column.c
commit-graph.c commit-graph: fix a parse_options_concat() leak 2023-02-06 15:34:38 -08:00
commit-tree.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
commit.c cocci & cache.h: remove "USE_THE_INDEX_COMPATIBILITY_MACROS" 2023-02-10 11:38:40 -08:00
config.c built-ins: use free() not UNLEAK() if trivial, rm dead code 2022-11-21 12:32:48 +09:00
count-objects.c
credential-cache--daemon.c credential: new attribute password_expiry_utc 2023-02-22 15:18:58 -08:00
credential-cache.c
credential-store.c
credential.c
describe.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diagnose.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
diff-files.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-tree.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
difftool.c treewide: always have a valid "index_state.repo" member 2023-01-17 14:32:06 -08:00
fast-export.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
fast-import.c
fetch-pack.c
fetch.c fetch: choose a sensible default with --jobs=0 again 2023-02-21 12:09:40 -08:00
fmt-merge-msg.c
for-each-ref.c
for-each-repo.c for-each-repo: interpolate repo path arguments 2022-11-14 22:39:25 -05:00
fsck.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
fsmonitor--daemon.c Merge branch 'sx/pthread-error-check-fix' 2022-12-19 11:46:17 +09:00
gc.c Merge branch 'rp/maintenance-qol' 2022-11-23 11:22:24 +09:00
get-tar-commit-id.c
grep.c builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS" 2022-11-21 12:06:14 +09:00
hash-object.c Merge branch 'jk/hash-object-literally-fd-leak' 2023-01-27 08:51:41 -08:00
help.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
hook.c hook: support a --to-stdin=<path> option 2023-02-08 12:50:03 -08:00
index-pack.c
init-db.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
interpret-trailers.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
log.c format.attach: allow empty value to disable multi-part messages 2023-02-17 15:43:09 -08:00
ls-files.c ls-files: fix a --with-tree memory leak 2022-11-21 12:32:48 +09:00
ls-remote.c doc/ls-remote: clarify pattern format 2023-02-10 21:57:51 -08:00
ls-tree.c Merge branch 'rs/ls-tree-path-expansion-fix' 2023-01-23 13:39:50 -08:00
mailinfo.c
mailsplit.c
merge-base.c doc txt & -h consistency: make output order consistent 2022-10-13 09:32:56 -07:00
merge-file.c
merge-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-ours.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-recursive.c
merge-tree.c merge-tree: load default git config 2023-05-10 12:20:44 -07:00
merge.c Merge branch 'ab/various-leak-fixes' 2023-02-22 14:55:45 -08:00
mktag.c
mktree.c
multi-pack-index.c
mv.c cocci & cache.h: apply pending "index_cache_pos" rule 2023-02-10 11:37:27 -08:00
name-rev.c Merge branch 'ab/various-leak-fixes' 2023-02-22 14:55:45 -08:00
notes.c notes: avoid empty line in template 2022-11-16 14:57:32 -05:00
pack-objects.c Merge branch 'rs/size-t-fixes' 2023-02-15 17:11:53 -08:00
pack-redundant.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
pack-refs.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
patch-id.c builtin: patch-id: remove unused diff-tree prefix 2022-10-24 15:44:20 -07:00
prune-packed.c
prune.c prune: quiet ENOENT on missing directories 2022-11-21 15:58:54 +09:00
pull.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
push.c push: free_refs() the "local_refs" in set_refspecs() 2023-02-06 15:34:40 -08:00
range-diff.c diff: factor out add_diff_options() 2022-12-02 08:25:29 +09:00
read-tree.c read-tree: add "--super-prefix" option, eliminate global 2022-12-26 10:21:44 +09:00
rebase.c builtin/rebase.c: free() "options.strategy_opts" 2023-02-06 16:03:53 -08:00
receive-pack.c receive-pack: release the linked "struct command *" list 2023-02-06 15:34:40 -08:00
reflog.c
remote-ext.c convert trivial uses of strncmp() to skip_prefix() 2023-01-08 10:34:37 +09:00
remote-fd.c convert trivial uses of strncmp() to starts_with() 2023-01-08 10:34:35 +09:00
remote.c Merge branch 'rs/no-more-run-command-v' 2022-11-08 17:15:12 -05:00
repack.c repack: fix leaks on error with "goto cleanup" 2023-02-06 15:34:37 -08:00
replace.c
rerere.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
reset.c Merge branch 'ab/various-leak-fixes' 2023-02-22 14:55:45 -08:00
rev-list.c Merge branch 'ps/receive-use-only-advertised' 2022-11-23 11:22:25 +09:00
rev-parse.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
revert.c builtin/revert.c: move free-ing of "revs" to replay_opts_release() 2023-02-06 16:03:52 -08:00
rm.c builtin/rm.c: use narrower "USE_THE_INDEX_VARIABLE" 2023-02-10 11:31:16 -08:00
send-pack.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
shortlog.c shortlog: implement `--group=committer` in terms of `--group=<format>` 2022-10-24 14:48:05 -07:00
show-branch.c show-branch: free() allocated "head" before return 2023-02-06 15:34:39 -08:00
show-index.c
show-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
sparse-checkout.c treewide: always have a valid "index_state.repo" member 2023-01-17 14:32:06 -08:00
stash.c Merge branch 'ab/various-leak-fixes' 2023-02-22 14:55:45 -08:00
stripspace.c
submodule--helper.c *: fix typos which duplicate a word 2023-01-08 10:28:34 +09:00
symbolic-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
unpack-file.c unpack-file: fix ancient leak in create_temp_file() 2022-11-21 12:32:48 +09:00
unpack-objects.c
update-index.c cocci & cache.h: apply pending "index_cache_pos" rule 2023-02-10 11:37:27 -08:00
update-ref.c
update-server-info.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
upload-archive.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
upload-pack.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
var.c var: add GIT_SEQUENCE_EDITOR variable 2022-12-18 11:48:26 +09:00
verify-commit.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
verify-pack.c doc txt & -h consistency: add or fix optional "--" syntax 2022-10-13 09:32:56 -07:00
verify-tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
worktree.c worktree: fix a trivial leak in prune_worktrees() 2023-02-06 15:34:38 -08:00
write-tree.c cocci & cache-tree.h: migrate "write_cache_as_tree" to "*_index_*" 2023-02-10 11:37:49 -08:00