global/git
1
0
Fork 0
mirror of https://github.com/git/git.git synced 2026-01-12 19:53:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
v2.39.4
git/builtin
History
Johannes Schindelin 9e65df5eab Merge branch 'ownership-checks-in-local-clones' 
This topic addresses two CVEs:

- CVE-2024-32020:

  Local clones may end up hardlinking files into the target repository's
  object database when source and target repository reside on the same
  disk. If the source repository is owned by a different user, then
  those hardlinked files may be rewritten at any point in time by the
  untrusted user.

- CVE-2024-32021:

  When cloning a local source repository that contains symlinks via the
  filesystem, Git may create hardlinks to arbitrary user-readable files
  on the same filesystem as the target repository in the objects/
  directory.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2024-04-19 12:38:32 +02:00
..
add.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
am.c
Merge branch 'rs/am-parse-options-cleanup' into maint-2.39
2023-02-14 14:15:56 -08:00
annotate.c
apply.c
archive.c
parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options
2022-08-19 11:13:14 -07:00
bisect--helper.c
Merge branch 'dd/bisect-helper-subcommand'
2022-11-23 11:22:22 +09:00
blame.c
doc txt & -h consistency: make "annotate" consistent
2022-10-13 09:32:57 -07:00
branch.c
Merge branch 'rj/branch-copy-and-rename' into maint-2.39
2023-02-14 14:15:55 -08:00
bugreport.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
bundle.c
Merge branch 'ab/bundle-wo-args' into maint-2.39
2023-02-14 14:15:50 -08:00
cat-file.c
{builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE"
2022-11-21 12:06:15 +09:00
check-attr.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
check-ignore.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
check-mailmap.c
check-ref-format.c
checkout--worker.c
checkout-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
checkout.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
clean.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
clone.c
Merge branch 'ownership-checks-in-local-clones'
2024-04-19 12:38:32 +02:00
column.c
commit-graph.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
commit-tree.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
commit.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
config.c
git-compat-util.h: use "UNUSED", not "UNUSED(var)"
2022-09-01 10:49:48 -07:00
count-objects.c
credential-cache--daemon.c
doc txt & -h consistency: use "git foo" form, not "git-foo"
2022-10-13 09:32:57 -07:00
credential-cache.c
credential-store.c
credential.c
describe.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diagnose.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
diff-files.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diff-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diff-tree.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
diff.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
difftool.c
{builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE"
2022-11-21 12:06:15 +09:00
env--helper.c
parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options
2022-08-19 11:13:14 -07:00
fast-export.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
fast-import.c
git-compat-util.h: use "UNUSED", not "UNUSED(var)"
2022-09-01 10:49:48 -07:00
fetch-pack.c
list-objects-filter: add and use initializers
2022-09-12 08:38:59 -07:00
fetch.c
Merge branch 'rs/no-more-run-command-v'
2022-11-08 17:15:12 -05:00
fmt-merge-msg.c
for-each-ref.c
for-each-repo.c
for-each-repo: interpolate repo path arguments
2022-11-14 22:39:25 -05:00
fsck.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
fsmonitor--daemon.c
Merge branch 'ah/fsmonitor-daemon-usage-non-l10n' into maint-2.38
2022-10-25 17:11:33 -07:00
gc.c
Merge branch 'rp/maintenance-qol'
2022-11-23 11:22:24 +09:00
get-tar-commit-id.c
grep.c
builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS"
2022-11-21 12:06:14 +09:00
hash-object.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
help.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
hook.c
builtin/hook.c: let parse-options parse subcommands
2022-08-19 11:13:15 -07:00
index-pack.c
init-db.c
init: refactor the template directory discovery into its own function
2024-04-17 22:30:10 +02:00
interpret-trailers.c
doc txt & -h consistency: add missing options
2022-10-13 09:32:57 -07:00
log.c
builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS"
2022-11-21 12:06:14 +09:00
ls-files.c
ls-files: fix black space in error message
2022-09-12 09:25:40 -07:00
ls-remote.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
ls-tree.c
Merge branch 'rs/ls-tree-path-expansion-fix' into maint-2.39
2023-02-14 14:15:52 -08:00
mailinfo.c
mailsplit.c
merge-base.c
doc txt & -h consistency: make output order consistent
2022-10-13 09:32:56 -07:00
merge-file.c
merge-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
merge-ours.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
merge-recursive.c
merge-tree.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
merge.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
mktag.c
mktree.c
multi-pack-index.c
multi-pack-index: avoid writing to global in option callback
2022-10-06 09:56:51 -07:00
mv.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
name-rev.c
git-compat-util.h: use "UNUSED", not "UNUSED(var)"
2022-09-01 10:49:48 -07:00
notes.c
notes: avoid empty line in template
2022-11-16 14:57:32 -05:00
pack-objects.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
pack-redundant.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
pack-refs.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
patch-id.c
builtin: patch-id: remove unused diff-tree prefix
2022-10-24 15:44:20 -07:00
prune-packed.c
prune.c
prune: quiet ENOENT on missing directories
2022-11-21 15:58:54 +09:00
pull.c
{builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE"
2022-11-21 12:06:15 +09:00
push.c
Doc: document push.recurseSubmodules=only
2022-11-14 16:55:50 -05:00
range-diff.c
range-diff: optionally accept pathspecs
2022-08-26 09:49:26 -07:00
read-tree.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
rebase.c
Merge branch 'ab/fewer-the-index-macros'
2022-11-28 12:13:46 +09:00
receive-pack.c
receive-pack: only use visible refs for connectivity check
2022-11-17 16:22:52 -05:00
reflog.c
refs: unify parse_worktree_ref() and ref_type()
2022-09-19 11:11:11 -07:00
remote-ext.c
remote-fd.c
remote.c
Merge branch 'rs/no-more-run-command-v'
2022-11-08 17:15:12 -05:00
repack.c
Merge branch 'tb/repack-expire-to'
2022-11-18 18:43:09 -05:00
replace.c
rerere.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
reset.c
diff: mark unused parameters in callbacks
2022-12-13 22:16:23 +09:00
rev-list.c
Merge branch 'ps/receive-use-only-advertised'
2022-11-23 11:22:25 +09:00
rev-parse.c
Merge branch 'ab/fewer-the-index-macros'
2022-11-28 12:13:46 +09:00
revert.c
i18n: fix command template placeholder format
2022-11-27 10:29:44 +09:00
rm.c
Merge branch 'ab/fewer-the-index-macros'
2022-11-28 12:13:46 +09:00
send-pack.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
shortlog.c
shortlog: implement --group=committer in terms of --group=<format>
2022-10-24 14:48:05 -07:00
show-branch.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
show-index.c
show-ref.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
sparse-checkout.c
doc txt & -h consistency: use "<options>", not "<options>..."
2022-10-13 09:32:55 -07:00
stash.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
stripspace.c
submodule--helper.c
submodule: require the submodule path to contain directories only
2024-04-17 22:30:04 +02:00
symbolic-ref.c
Merge branch 'ab/doc-synopsis-and-cmd-usage'
2022-10-28 11:26:54 -07:00
tag.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
unpack-file.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
unpack-objects.c
update-index.c
cocci: apply "pending" index-compatibility to some "builtin/*.c"
2022-11-21 12:06:15 +09:00
update-ref.c
update-server-info.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
upload-archive.c
doc txt & -h consistency: fix mismatching labels
2022-10-13 09:32:56 -07:00
upload-pack.c
upload-pack: disable lazy-fetching by default
2024-04-17 22:29:56 +02:00
var.c
verify-commit.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
verify-pack.c
doc txt & -h consistency: add or fix optional "--" syntax
2022-10-13 09:32:56 -07:00
verify-tag.c
doc txt & -h consistency: add missing options and labels
2022-10-13 09:32:56 -07:00
worktree.c
doc txt & -h consistency: make "worktree" consistent
2022-10-13 09:32:58 -07:00
write-tree.c