20da61f25f
When initializing a repository object, we run "git rev-parse --git-dir" to let the C version of Git find the correct directory. But curiously, if this fails we don't automatically say "not a git repository". Instead, we do our own pure-perl check to see if we're in a bare repository. This makes little sense, as rev-parse will report both bare and non-bare directories. This logic comes fromd5c7721d58
(Git.pm: Add support for subdirectories inside of working copies, 2006-06-24), but I don't see any reason given why we can't just rely on rev-parse. Worse, because we treat any non-error response from rev-parse as a non-bare repository, we'll erroneously set the object's WorkingCopy, even in a bare repository. But it gets worse. Since8959555cee
(setup_git_directory(): add an owner check for the top-level directory, 2022-03-02), it's actively wrong (and dangerous). The perl code doesn't implement the same ownership checks. And worse, after "finding" the bare repository, it sets GIT_DIR in the environment, which tells any subsequent Git commands that we've confirmed the directory is OK, and to trust us. I.e., it re-opens the vulnerability plugged by8959555cee
when using Git.pm's repository discovery code. We can fix this by just relying on rev-parse to tell us when we're not in a repository, which fixes the vulnerability. Furthermore, we'll ask its --is-bare-repository function to tell us if we're bare or not, and rely on that. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
161 lines
6.3 KiB
Perl
Executable File
161 lines
6.3 KiB
Perl
Executable File
#!/usr/bin/perl
|
|
use lib (split(/:/, $ENV{GITPERLLIB}));
|
|
|
|
use 5.008;
|
|
use warnings;
|
|
use strict;
|
|
|
|
use Test::More qw(no_plan);
|
|
|
|
BEGIN {
|
|
# t9700-perl-git.sh kicks off our testing, so we have to go from
|
|
# there.
|
|
Test::More->builder->current_test(1);
|
|
Test::More->builder->no_ending(1);
|
|
}
|
|
|
|
use Cwd;
|
|
use File::Basename;
|
|
|
|
sub adjust_dirsep {
|
|
my $path = shift;
|
|
$path =~ s{\\}{/}g;
|
|
return $path;
|
|
}
|
|
|
|
my $oid_re = qr/^[0-9a-fA-F]{40}(?:[0-9a-fA-F]{24})?$/;
|
|
|
|
BEGIN { use_ok('Git') }
|
|
|
|
# set up
|
|
our $abs_repo_dir = cwd();
|
|
ok(our $r = Git->repository(Directory => "."), "open repository");
|
|
{
|
|
local $ENV{GIT_TEST_ASSUME_DIFFERENT_OWNER} = 1;
|
|
my $failed;
|
|
|
|
$failed = eval { Git->repository(Directory => $abs_repo_dir) };
|
|
ok(!$failed, "reject unsafe non-bare repository");
|
|
like($@, qr/not a git repository/i, "unsafe error message");
|
|
|
|
$failed = eval { Git->repository(Directory => "$abs_repo_dir/bare.git") };
|
|
ok(!$failed, "reject unsafe bare repository");
|
|
like($@, qr/not a git repository/i, "unsafe error message");
|
|
}
|
|
|
|
# config
|
|
is($r->config("test.string"), "value", "config scalar: string");
|
|
is_deeply([$r->config("test.dupstring")], ["value1", "value2"],
|
|
"config array: string");
|
|
is($r->config("test.nonexistent"), undef, "config scalar: nonexistent");
|
|
is_deeply([$r->config("test.nonexistent")], [], "config array: nonexistent");
|
|
is($r->config_int("test.int"), 2048, "config_int: integer");
|
|
is($r->config_int("test.nonexistent"), undef, "config_int: nonexistent");
|
|
ok($r->config_bool("test.booltrue"), "config_bool: true");
|
|
ok(!$r->config_bool("test.boolfalse"), "config_bool: false");
|
|
is(adjust_dirsep($r->config_path("test.path")), $r->config("test.pathexpanded"),
|
|
"config_path: ~/foo expansion");
|
|
is_deeply([$r->config_path("test.pathmulti")], ["foo", "bar"],
|
|
"config_path: multiple values");
|
|
our $ansi_green = "\x1b[32m";
|
|
is($r->get_color("color.test.slot1", "red"), $ansi_green, "get_color");
|
|
# Cannot test $r->get_colorbool("color.foo")) because we do not
|
|
# control whether our STDOUT is a terminal.
|
|
|
|
# Failure cases for config:
|
|
# Save and restore STDERR; we will probably extract this into a
|
|
# "dies_ok" method and possibly move the STDERR handling to Git.pm.
|
|
open our $tmpstderr, ">&STDERR" or die "cannot save STDERR";
|
|
open STDERR, ">", "/dev/null" or die "cannot redirect STDERR to /dev/null";
|
|
is($r->config("test.dupstring"), "value2", "config: multivar");
|
|
eval { $r->config_bool("test.boolother") };
|
|
ok($@, "config_bool: non-boolean values fail");
|
|
open STDERR, ">&", $tmpstderr or die "cannot restore STDERR";
|
|
|
|
# ident
|
|
like($r->ident("aUthor"), qr/^A U Thor <author\@example.com> [0-9]+ [+-]\d{4}$/,
|
|
"ident scalar: author (type)");
|
|
like($r->ident("cOmmitter"), qr/^C O Mitter <committer\@example.com> [0-9]+ [+-]\d{4}$/,
|
|
"ident scalar: committer (type)");
|
|
is($r->ident("invalid"), "invalid", "ident scalar: invalid ident string (no parsing)");
|
|
my ($name, $email, $time_tz) = $r->ident('author');
|
|
is_deeply([$name, $email], ["A U Thor", "author\@example.com"],
|
|
"ident array: author");
|
|
like($time_tz, qr/[0-9]+ [+-]\d{4}/, "ident array: author");
|
|
is_deeply([$r->ident("Name <email> 123 +0000")], ["Name", "email", "123 +0000"],
|
|
"ident array: ident string");
|
|
is_deeply([$r->ident("invalid")], [], "ident array: invalid ident string");
|
|
|
|
# ident_person
|
|
is($r->ident_person("aUthor"), "A U Thor <author\@example.com>",
|
|
"ident_person: author (type)");
|
|
is($r->ident_person("Name <email> 123 +0000"), "Name <email>",
|
|
"ident_person: ident string");
|
|
is($r->ident_person("Name", "email", "123 +0000"), "Name <email>",
|
|
"ident_person: array");
|
|
|
|
# objects and hashes
|
|
ok(our $file1hash = $r->command_oneline('rev-parse', "HEAD:file1"), "(get file hash)");
|
|
my $tmpfile = "file.tmp";
|
|
open TEMPFILE, "+>$tmpfile" or die "Can't open $tmpfile: $!";
|
|
is($r->cat_blob($file1hash, \*TEMPFILE), 15, "cat_blob: size");
|
|
our $blobcontents;
|
|
{ local $/; seek TEMPFILE, 0, 0; $blobcontents = <TEMPFILE>; }
|
|
is($blobcontents, "changed file 1\n", "cat_blob: data");
|
|
close TEMPFILE or die "Failed writing to $tmpfile: $!";
|
|
is(Git::hash_object("blob", $tmpfile), $file1hash, "hash_object: roundtrip");
|
|
open TEMPFILE, ">$tmpfile" or die "Can't open $tmpfile: $!";
|
|
print TEMPFILE my $test_text = "test blob, to be inserted\n";
|
|
close TEMPFILE or die "Failed writing to $tmpfile: $!";
|
|
like(our $newhash = $r->hash_and_insert_object($tmpfile), $oid_re,
|
|
"hash_and_insert_object: returns hash");
|
|
open TEMPFILE, "+>$tmpfile" or die "Can't open $tmpfile: $!";
|
|
is($r->cat_blob($newhash, \*TEMPFILE), length $test_text, "cat_blob: roundtrip size");
|
|
{ local $/; seek TEMPFILE, 0, 0; $blobcontents = <TEMPFILE>; }
|
|
is($blobcontents, $test_text, "cat_blob: roundtrip data");
|
|
close TEMPFILE;
|
|
unlink $tmpfile;
|
|
|
|
# paths
|
|
is($r->repo_path, $abs_repo_dir . "/.git", "repo_path");
|
|
is($r->wc_path, $abs_repo_dir . "/", "wc_path");
|
|
is($r->wc_subdir, "", "wc_subdir initial");
|
|
$r->wc_chdir("directory1");
|
|
is($r->wc_subdir, "directory1", "wc_subdir after wc_chdir");
|
|
is($r->config("test.string"), "value", "config after wc_chdir");
|
|
|
|
# Object generation in sub directory
|
|
chdir("directory2");
|
|
my $r2 = Git->repository();
|
|
is($r2->repo_path, $abs_repo_dir . "/.git", "repo_path (2)");
|
|
is($r2->wc_path, $abs_repo_dir . "/", "wc_path (2)");
|
|
is($r2->wc_subdir, "directory2/", "wc_subdir initial (2)");
|
|
|
|
# commands in sub directory
|
|
my $last_commit = $r2->command_oneline(qw(rev-parse --verify HEAD));
|
|
like($last_commit, $oid_re, 'rev-parse returned hash');
|
|
my $dir_commit = $r2->command_oneline('log', '-n1', '--pretty=format:%H', '.');
|
|
isnt($last_commit, $dir_commit, 'log . does not show last commit');
|
|
|
|
# commands outside working tree
|
|
chdir($abs_repo_dir . '/..');
|
|
my $r3 = Git->repository(Directory => $abs_repo_dir);
|
|
my $tmpfile3 = "$abs_repo_dir/file3.tmp";
|
|
open TEMPFILE3, "+>$tmpfile3" or die "Can't open $tmpfile3: $!";
|
|
is($r3->cat_blob($file1hash, \*TEMPFILE3), 15, "cat_blob(outside): size");
|
|
close TEMPFILE3;
|
|
unlink $tmpfile3;
|
|
chdir($abs_repo_dir);
|
|
|
|
# unquoting paths
|
|
is(Git::unquote_path('abc'), 'abc', 'unquote unquoted path');
|
|
is(Git::unquote_path('"abc def"'), 'abc def', 'unquote simple quoted path');
|
|
is(Git::unquote_path('"abc\"\\\\ \a\b\t\n\v\f\r\001\040"'),
|
|
"abc\"\\ \x07\x08\x09\x0a\x0b\x0c\x0d\x01 ",
|
|
'unquote escape sequences');
|
|
|
|
printf "1..%d\n", Test::More->builder->current_test;
|
|
|
|
my $is_passing = eval { Test::More->is_passing };
|
|
exit($is_passing ? 0 : 1) unless $@ =~ /Can't locate object method/;
|