diff options
| author | Ivan Frade <ifrade@google.com> | 2018-09-24 16:03:35 -0700 |
|---|---|---|
| committer | Matthias Sohn <matthias.sohn@sap.com> | 2018-10-05 21:38:22 +0200 |
| commit | db9f7b028d8086e5fc66364e9beba1e3a2b99d48 (patch) | |
| tree | c59d61cd0b329aa487d173c7dfec48e696792fd4 /org.eclipse.jgit/resources/org/eclipse | |
| parent | e5a4c0d17e532824e0d379cb1c322296b07c73f9 (diff) | |
| download | jgit-db9f7b028d8086e5fc66364e9beba1e3a2b99d48.tar.gz jgit-db9f7b028d8086e5fc66364e9beba1e3a2b99d48.zip | |
SubmoduleAddCommand: Reject submodule URIs that look like cli options
In C git versions before 2.19.1, the submodule is fetched by running
"git clone <uri> <path>". A URI starting with "-" would be interpreted
as an option, causing security problems. See CVE-2018-17456.
Refuse to add submodules with URIs, names or paths starting with "-",
that could be confused with command line arguments.
[jn: backported to JGit 4.7.y, bringing portions of Masaya Suzuki's
dotdot check code in v5.1.0.201808281540-m3~57 (Add API to specify
the submodule name, 2018-07-12) along for the ride]
Change-Id: I2607c3acc480b75ab2b13386fe2cac435839f017
Signed-off-by: Ivan Frade <ifrade@google.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Diffstat (limited to 'org.eclipse.jgit/resources/org/eclipse')
| -rw-r--r-- | org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties b/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties index 34457c9367..2083e1eef9 100644 --- a/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties +++ b/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties @@ -358,6 +358,7 @@ invalidKey=Invalid key: {0} invalidLineInConfigFile=Invalid line in config file invalidModeFor=Invalid mode {0} for {1} {2} in {3}. invalidModeForPath=Invalid mode {0} for path {1} +invalidNameContainsDotDot=Invalid name (contains ".."): {0} invalidObject=Invalid {0} {1}: {2} invalidOldIdSent=invalid old id sent invalidPacketLineHeader=Invalid packet line header: {0} @@ -605,7 +606,10 @@ storePushCertMultipleRefs=Store push certificate for {0} refs storePushCertOneRef=Store push certificate for {0} storePushCertReflog=Store push certificate submoduleExists=Submodule ''{0}'' already exists in the index +submoduleNameInvalid=Invalid submodule name ''{0}'' submoduleParentRemoteUrlInvalid=Cannot remove segment from remote url ''{0}'' +submodulePathInvalid=Invalid submodule path ''{0}'' +submoduleUrlInvalid=Invalid submodule URL ''{0}'' submodulesNotSupported=Submodules are not supported supportOnlyPackIndexVersion2=Only support index version 2 symlinkCannotBeWrittenAsTheLinkTarget=Symlink "{0}" cannot be written as the link target cannot be read from within Java. |