forked from msysgit/git
Merge tag 'v2.47.1.windows.2' into rebase-to-v2.48.0
This merges Git for Windows v2.47.1(2) which was released on January 14th, 2025, in an embargoed release that was massively coordinated between GitHub Desktop, Visual Studio, Git Credential Manager, Git LFS, Git and Git for Windows.

Most notably, this merges in the fixes for:

* CVE-2024-50349: When prompting the user for a password in the terminal, Git does not neutralize control characters.
* CVE-2024-52005: The sideband channel does not neutralize control characters.
* CVE-2024-52006: Similar to CVE-2020-5260, affecting credential helpers that interpret Carriage Returns as newlines.

Signed-off-by: Johannes Schindelin <[email protected]>
Showing 14 changed files with 243 additions and 41 deletions.
@@ -0,0 +1,16 @@ | ||
sideband.allowControlCharacters:: | ||
By default, control characters that are delivered via the sideband | ||
are masked, except ANSI color sequences. This prevents potentially | ||
unwanted ANSI escape sequences from being sent to the terminal. Use | ||
this config setting to override this behavior: | ||
+ | ||
-- | ||
color:: | ||
Allow ANSI color sequences, line feeds and horizontal tabs, | ||
but mask all other control characters. This is the default. | ||
false:: | ||
Mask all control characters other than line feeds and | ||
horizontal tabs. | ||
true:: | ||
Allow all control characters to be sent to the terminal. | ||
-- |
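Review bot: the `true::` entry should say explicitly that it switches the sideband masking back off, because the opening sentence of this hunk states that the masking exists to keep unwanted ANSI escape sequences away from the terminal, and a reader scanning only the value list will not see that. Suggest: `Allow all control characters to be sent to the terminal. This disables the masking described above and should only be used with remotes whose output is trusted.` The `color::` entry would also benefit from one clause saying what counts as an "ANSI color sequence" (for example, whether only SGR sequences qualify), since that is the first question a user will ask when a remote's coloured output is partially masked.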
@@ -76,6 +76,10 @@ test_expect_success 'setup helper scripts' ' | |
test -z "$pexpiry" || echo password_expiry_utc=$pexpiry | ||
EOF | ||
write_script git-credential-cntrl-in-username <<-\EOF && | ||
printf "username=\\007latrix Lestrange\\n" | ||
EOF | ||
PATH="$PWD$PATH_SEP$PATH" | ||
' | ||
|
||
|
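Review bot: the helper added here is named `cntrl-in-username`, but its body emits a single control character, BEL (`\007`), so the name promises more coverage than the script gives. Either rename it to reflect that it exercises BEL only, or add a comment above the `printf` line explaining why BEL was chosen (it is the classic character that makes a terminal react audibly or visibly, so a leaked one is easy to spot in the prompt test later in this patch). Note also that the doubled backslashes (`\\007`, `\\n`) are correct here only because the heredoc delimiter is quoted (`<<-\EOF`) and the written script then runs `printf` with a double-quoted format; a short comment saying so would stop a future edit from "fixing" them.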
@@ -696,6 +700,19 @@ test_expect_success 'match percent-encoded values in username' ' | |
EOF | ||
' | ||
|
||
test_expect_success 'match percent-encoded values in hostname' ' | ||
test_config "credential.https://a%20b%20c/.helper" "$HELPER" && | ||
check fill <<-\EOF | ||
url=https://a b c/ | ||
-- | ||
protocol=https | ||
host=a b c | ||
username=foo | ||
password=bar | ||
-- | ||
EOF | ||
' | ||
|
||
test_expect_success 'fetch with multiple path components' ' | ||
test_unconfig credential.helper && | ||
test_config credential.https://example.com/foo/repo.git.helper "verbatim foo bar" && | ||
|
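Review bot: the 'match percent-encoded values in hostname' test feeds the helper a URL with literal spaces (`url=https://a b c/`) while the config key uses the encoded form (`credential.https://a%20b%20c/.helper`), so it only proves one direction of the equivalence. Consider a second `check fill` in the same test that passes the encoded spelling `url=https://a%20b%20c/` and expects the same `host=a b c` output, so that a regression in either the decoding of the input or the decoding of the config key is caught rather than cancelling out.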
@@ -885,6 +902,22 @@ test_expect_success 'url parser rejects embedded newlines' ' | |
test_cmp expect stderr | ||
' | ||
|
||
test_expect_success 'url parser rejects embedded carriage returns' ' | ||
test_config credential.helper "!true" && | ||
test_must_fail git credential fill 2>stderr <<-\EOF && | ||
url=https://example%0d.com/ | ||
EOF | ||
cat >expect <<-\EOF && | ||
fatal: credential value for host contains carriage return | ||
If this is intended, set `credential.protectProtocol=false` | ||
EOF | ||
test_cmp expect stderr && | ||
GIT_ASKPASS=true \ | ||
git -c credential.protectProtocol=false credential fill <<-\EOF | ||
url=https://example%0d.com/ | ||
EOF | ||
' | ||
|
||
test_expect_success 'host-less URLs are parsed as empty host' ' | ||
check fill "verbatim foo bar" <<-\EOF | ||
url=cert:///path/to/cert.pem | ||
|
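Review bot: the second half of 'url parser rejects embedded carriage returns' only checks the exit status of `git -c credential.protectProtocol=false credential fill`; it does not verify what that command produced, so a change that made the override silently drop or mangle the host would still pass. Suggest redirecting stdout to a file and asserting on it, for example `>actual` followed by `test_grep "^host=" actual`, and, since the hunk's own error message calls the value a "credential value for host" rather than a URL, consider aligning the test name with that wording so the two are easy to cross-reference when the message changes.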
@@ -994,4 +1027,20 @@ test_expect_success 'credential config with partial URLs' ' | |
test_grep "skipping credential lookup for key" stderr | ||
' | ||
|
||
BEL="$(printf '\007')" | ||
|
||
test_expect_success 'interactive prompt is sanitized' ' | ||
check fill cntrl-in-username <<-EOF | ||
protocol=https | ||
host=example.org | ||
-- | ||
protocol=https | ||
host=example.org | ||
username=${BEL}latrix Lestrange | ||
password=askpass-password | ||
-- | ||
askpass: Password for ${SQ}https://%07latrix%[email protected]${SQ}: | ||
EOF | ||
' | ||
|
||
test_done |
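Review bot: the expected output in 'interactive prompt is sanitized' shows the raw BEL surviving on the `username=${BEL}latrix Lestrange` line while the askpass prompt shows it percent-encoded as `%07`; that asymmetry is the whole point of the test, so it deserves a one-line comment stating that only the terminal-facing prompt is sanitized and the protocol stream to the calling helper is intentionally left verbatim. Without it, the next person to read this test will reasonably treat the unescaped BEL in the output as the bug. Two smaller points: `BEL="$(printf '\007')"` is defined at file scope between tests, so it would be clearer next to the `cntrl-in-username` helper in the setup block that produces the same byte, and the heredoc is deliberately unquoted (`<<-EOF`) so that `${BEL}` and `${SQ}` expand, which is worth a comment because every neighbouring test uses the quoted `<<-\EOF` form.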