Merge branch 'avoid-using-uninitialized-gettext'

Avoids the overhead of calling `gettext` when initialization of the translated messages was skipped. Addresses CVE-2023-25815. * avoid-using-uninitialized-gettext: (1 commit) gettext: avoid using gettext if the locale dir is not present
2023-03-14 21:32:42 +01:00 · 2023-03-14 21:32:42 +01:00 · 4fe5d0b10a
commit 4fe5d0b10a
parent 18e2b1cfc8 c4137be0f5
2 changed files with 10 additions and 1 deletions
--- a/gettext.c
+++ b/gettext.c
@ -109,6 +109,8 @@ static void init_gettext_charset(const char *domain)
 		setlocale(LC_CTYPE, "C");
 }
 int git_gettext_enabled = 0;
 void git_setup_gettext(void)
 {
 	const char *podir = getenv(GIT_TEXT_DOMAIN_DIR_ENVIRONMENT);
@ -130,6 +132,8 @@ void git_setup_gettext(void)
 	init_gettext_charset("git");
 	textdomain("git");
 	git_gettext_enabled = 1;
 	free(p);
 }
--- a/gettext.h
+++ b/gettext.h
@ -31,9 +31,11 @@
 int use_gettext_poison(void);
 #ifndef NO_GETTEXT
 extern int git_gettext_enabled;
 void git_setup_gettext(void);
 int gettext_width(const char *s);
 #else
 #define git_gettext_enabled (0)
 static inline void git_setup_gettext(void)
 {
 	use_gettext_poison(); /* getenv() reentrancy paranoia */
@ -48,7 +50,8 @@ static inline FORMAT_PRESERVING(1) const char *_(const char *msgid)
 {
 	if (!*msgid)
 		return "";
-	return use_gettext_poison() ? "# GETTEXT POISON #" : gettext(msgid);
+	return use_gettext_poison() ? "# GETTEXT POISON #" :
 		!git_gettext_enabled ? msgid : gettext(msgid);
 }
 static inline FORMAT_PRESERVING(1) FORMAT_PRESERVING(2)
@ -56,6 +59,8 @@ const char *Q_(const char *msgid, const char *plu, unsigned long n)
 {
 	if (use_gettext_poison())
 		return "# GETTEXT POISON #";
 	if (!git_gettext_enabled)
 		return n == 1 ? msgid : plu;
 	return ngettext(msgid, plu, n);
 }