mirror of
https://github.com/git/git.git
synced 2024-10-31 22:37:54 +01:00
19136be3f8
If receive a request like: git-upload-pack /foo.git\0host=localhost we mark the offset of the NUL byte as "len", and then log the bytes after the NUL with a "%.*s" placeholder, using "pktlen - len" as the length, and "line + len + 1" as the start of the string. This is off-by-one, since the start of the string skips past the separating NUL byte, but the adjusted length includes it. Fortunately this doesn't actually read past the end of the buffer, since "%.*s" will stop when it hits a NUL. And regardless of what is in the buffer, packet_read() will always add an extra NUL terminator for safety. As an aside, the git.git client sends an extra NUL after a "host" field, too, so we'd generally hit that one first, not the one added by packet_read(). You can see this in the test output which reports 15 bytes, even though the string has only 14 bytes of visible data. But the point is that even a client sending unusual data could not get us to read past the end of the buffer, so this is purely a cosmetic fix. Reported-by: Michael Haggerty <mhagger@alum.mit.edu> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
198 lines
5.6 KiB
Bash
Executable file
198 lines
5.6 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
test_description='test fetching over git protocol'
|
|
. ./test-lib.sh
|
|
|
|
. "$TEST_DIRECTORY"/lib-git-daemon.sh
|
|
start_git_daemon
|
|
|
|
check_verbose_connect () {
|
|
grep -F "Looking up 127.0.0.1 ..." stderr &&
|
|
grep -F "Connecting to 127.0.0.1 (port " stderr &&
|
|
grep -F "done." stderr
|
|
}
|
|
|
|
test_expect_success 'setup repository' '
|
|
git config push.default matching &&
|
|
echo content >file &&
|
|
git add file &&
|
|
git commit -m one
|
|
'
|
|
|
|
test_expect_success 'create git-accessible bare repository' '
|
|
mkdir "$GIT_DAEMON_DOCUMENT_ROOT_PATH/repo.git" &&
|
|
(cd "$GIT_DAEMON_DOCUMENT_ROOT_PATH/repo.git" &&
|
|
git --bare init &&
|
|
: >git-daemon-export-ok
|
|
) &&
|
|
git remote add public "$GIT_DAEMON_DOCUMENT_ROOT_PATH/repo.git" &&
|
|
git push public master:master
|
|
'
|
|
|
|
test_expect_success 'clone git repository' '
|
|
git clone -v "$GIT_DAEMON_URL/repo.git" clone 2>stderr &&
|
|
check_verbose_connect &&
|
|
test_cmp file clone/file
|
|
'
|
|
|
|
test_expect_success 'fetch changes via git protocol' '
|
|
echo content >>file &&
|
|
git commit -a -m two &&
|
|
git push public &&
|
|
(cd clone && git pull -v) 2>stderr &&
|
|
check_verbose_connect &&
|
|
test_cmp file clone/file
|
|
'
|
|
|
|
test_expect_success 'no-op fetch -v stderr is as expected' '
|
|
(cd clone && git fetch -v) 2>stderr &&
|
|
check_verbose_connect
|
|
'
|
|
|
|
test_expect_success 'no-op fetch without "-v" is quiet' '
|
|
(cd clone && git fetch) 2>stderr &&
|
|
! test -s stderr
|
|
'
|
|
|
|
test_expect_success 'remote detects correct HEAD' '
|
|
git push public master:other &&
|
|
(cd clone &&
|
|
git remote set-head -d origin &&
|
|
git remote set-head -a origin &&
|
|
git symbolic-ref refs/remotes/origin/HEAD > output &&
|
|
echo refs/remotes/origin/master > expect &&
|
|
test_cmp expect output
|
|
)
|
|
'
|
|
|
|
test_expect_success 'prepare pack objects' '
|
|
cp -R "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo.git "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_pack.git &&
|
|
(cd "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_pack.git &&
|
|
git --bare repack -a -d
|
|
)
|
|
'
|
|
|
|
test_expect_success 'fetch notices corrupt pack' '
|
|
cp -R "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_pack.git "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
|
|
(cd "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
|
|
p=$(ls objects/pack/pack-*.pack) &&
|
|
chmod u+w $p &&
|
|
printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
|
|
) &&
|
|
mkdir repo_bad1.git &&
|
|
(cd repo_bad1.git &&
|
|
git --bare init &&
|
|
test_must_fail git --bare fetch "$GIT_DAEMON_URL/repo_bad1.git" &&
|
|
test 0 = $(ls objects/pack/pack-*.pack | wc -l)
|
|
)
|
|
'
|
|
|
|
test_expect_success 'fetch notices corrupt idx' '
|
|
cp -R "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_pack.git "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
|
|
(cd "$GIT_DAEMON_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
|
|
p=$(ls objects/pack/pack-*.idx) &&
|
|
chmod u+w $p &&
|
|
printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
|
|
) &&
|
|
mkdir repo_bad2.git &&
|
|
(cd repo_bad2.git &&
|
|
git --bare init &&
|
|
test_must_fail git --bare fetch "$GIT_DAEMON_URL/repo_bad2.git" &&
|
|
test 0 = $(ls objects/pack | wc -l)
|
|
)
|
|
'
|
|
|
|
test_remote_error()
|
|
{
|
|
do_export=YesPlease
|
|
while test $# -gt 0
|
|
do
|
|
case $1 in
|
|
-x)
|
|
shift
|
|
chmod -x "$GIT_DAEMON_DOCUMENT_ROOT_PATH/repo.git"
|
|
;;
|
|
-n)
|
|
shift
|
|
do_export=
|
|
;;
|
|
*)
|
|
break
|
|
esac
|
|
done
|
|
|
|
msg=$1
|
|
shift
|
|
cmd=$1
|
|
shift
|
|
repo=$1
|
|
shift || error "invalid number of arguments"
|
|
|
|
if test -x "$GIT_DAEMON_DOCUMENT_ROOT_PATH/$repo"
|
|
then
|
|
if test -n "$do_export"
|
|
then
|
|
: >"$GIT_DAEMON_DOCUMENT_ROOT_PATH/$repo/git-daemon-export-ok"
|
|
else
|
|
rm -f "$GIT_DAEMON_DOCUMENT_ROOT_PATH/$repo/git-daemon-export-ok"
|
|
fi
|
|
fi
|
|
|
|
test_must_fail git "$cmd" "$GIT_DAEMON_URL/$repo" "$@" 2>output &&
|
|
test_i18ngrep "fatal: remote error: $msg: /$repo" output &&
|
|
ret=$?
|
|
chmod +x "$GIT_DAEMON_DOCUMENT_ROOT_PATH/repo.git"
|
|
(exit $ret)
|
|
}
|
|
|
|
msg="access denied or repository not exported"
|
|
test_expect_success 'clone non-existent' "test_remote_error '$msg' clone nowhere.git "
|
|
test_expect_success 'push disabled' "test_remote_error '$msg' push repo.git master"
|
|
test_expect_success 'read access denied' "test_remote_error -x '$msg' fetch repo.git "
|
|
test_expect_success 'not exported' "test_remote_error -n '$msg' fetch repo.git "
|
|
|
|
stop_git_daemon
|
|
start_git_daemon --informative-errors
|
|
|
|
test_expect_success 'clone non-existent' "test_remote_error 'no such repository' clone nowhere.git "
|
|
test_expect_success 'push disabled' "test_remote_error 'service not enabled' push repo.git master"
|
|
test_expect_success 'read access denied' "test_remote_error -x 'no such repository' fetch repo.git "
|
|
test_expect_success 'not exported' "test_remote_error -n 'repository not exported' fetch repo.git "
|
|
|
|
stop_git_daemon
|
|
start_git_daemon --interpolated-path="$GIT_DAEMON_DOCUMENT_ROOT_PATH/%H%D"
|
|
|
|
test_expect_success 'access repo via interpolated hostname' '
|
|
repo="$GIT_DAEMON_DOCUMENT_ROOT_PATH/localhost/interp.git" &&
|
|
git init --bare "$repo" &&
|
|
git push "$repo" HEAD &&
|
|
>"$repo"/git-daemon-export-ok &&
|
|
GIT_OVERRIDE_VIRTUAL_HOST=localhost \
|
|
git ls-remote "$GIT_DAEMON_URL/interp.git" &&
|
|
GIT_OVERRIDE_VIRTUAL_HOST=LOCALHOST \
|
|
git ls-remote "$GIT_DAEMON_URL/interp.git"
|
|
'
|
|
|
|
test_expect_success 'hostname cannot break out of directory' '
|
|
repo="$GIT_DAEMON_DOCUMENT_ROOT_PATH/../escape.git" &&
|
|
git init --bare "$repo" &&
|
|
git push "$repo" HEAD &&
|
|
>"$repo"/git-daemon-export-ok &&
|
|
test_must_fail \
|
|
env GIT_OVERRIDE_VIRTUAL_HOST=.. \
|
|
git ls-remote "$GIT_DAEMON_URL/escape.git"
|
|
'
|
|
|
|
test_expect_success 'daemon log records hostnames' '
|
|
cat >expect <<-\EOF &&
|
|
Extended attributes (15 bytes) exist <host=localhost>
|
|
EOF
|
|
>daemon.log &&
|
|
GIT_OVERRIDE_VIRTUAL_HOST=localhost \
|
|
git ls-remote "$GIT_DAEMON_URL/interp.git" &&
|
|
grep -i extended.attribute daemon.log | cut -d" " -f2- >actual &&
|
|
test_cmp expect actual
|
|
'
|
|
|
|
stop_git_daemon
|
|
test_done
|