Sync with 2.40.2
* maint-2.40: (39 commits) Git 2.40.2 Git 2.39.4 fsck: warn about symlink pointing inside a gitdir core.hooksPath: add some protection while cloning init.templateDir: consider this config setting protected clone: prevent hooks from running during a clone Add a helper function to compare file contents init: refactor the template directory discovery into its own function find_hook(): refactor the `STRIP_EXTENSION` logic clone: when symbolic links collide with directories, keep the latter entry: report more colliding paths t5510: verify that D/F confusion cannot lead to an RCE submodule: require the submodule path to contain directories only clone_submodule: avoid using `access()` on directories submodules: submodule paths must not contain symlinks clone: prevent clashing git dirs when cloning submodule in parallel t7423: add tests for symlinked submodule directories has_dir_name(): do not get confused by characters < '/' docs: document security issues around untrusted .git dirs upload-pack: disable lazy-fetching by default ...
This commit is contained in:
Johannes Schindelin
61
copy.c
61
copy.c
@ -2,6 +2,9 @@
|
||||
#include "copy.h"
|
||||
#include "path.h"
|
||||
#include "wrapper.h"
|
||||
#include "gettext.h"
|
||||
#include "strbuf.h"
|
||||
#include "abspath.h"
|
||||
|
||||
int copy_fd(int ifd, int ofd)
|
||||
{
|
||||
@ -68,3 +71,61 @@ int copy_file_with_time(const char *dst, const char *src, int mode)
|
||||
return copy_times(dst, src);
|
||||
return status;
|
||||
}
|
||||
|
||||
static int do_symlinks_match(const char *path1, const char *path2)
|
||||
{
|
||||
struct strbuf buf1 = STRBUF_INIT, buf2 = STRBUF_INIT;
|
||||
int ret = 0;
|
||||
|
||||
if (!strbuf_readlink(&buf1, path1, 0) &&
|
||||
!strbuf_readlink(&buf2, path2, 0))
|
||||
ret = !strcmp(buf1.buf, buf2.buf);
|
||||
|
||||
strbuf_release(&buf1);
|
||||
strbuf_release(&buf2);
|
||||
return ret;
|
||||
}
|
||||
|
||||
int do_files_match(const char *path1, const char *path2)
|
||||
{
|
||||
struct stat st1, st2;
|
||||
int fd1 = -1, fd2 = -1, ret = 1;
|
||||
char buf1[8192], buf2[8192];
|
||||
|
||||
if ((fd1 = open_nofollow(path1, O_RDONLY)) < 0 ||
|
||||
fstat(fd1, &st1) || !S_ISREG(st1.st_mode)) {
|
||||
if (fd1 < 0 && errno == ELOOP)
|
||||
/* maybe this is a symbolic link? */
|
||||
return do_symlinks_match(path1, path2);
|
||||
ret = 0;
|
||||
} else if ((fd2 = open_nofollow(path2, O_RDONLY)) < 0 ||
|
||||
fstat(fd2, &st2) || !S_ISREG(st2.st_mode)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
if (ret)
|
||||
/* to match, neither must be executable, or both */
|
||||
ret = !(st1.st_mode & 0111) == !(st2.st_mode & 0111);
|
||||
|
||||
if (ret)
|
||||
ret = st1.st_size == st2.st_size;
|
||||
|
||||
while (ret) {
|
||||
ssize_t len1 = read_in_full(fd1, buf1, sizeof(buf1));
|
||||
ssize_t len2 = read_in_full(fd2, buf2, sizeof(buf2));
|
||||
|
||||
if (len1 < 0 || len2 < 0 || len1 != len2)
|
||||
ret = 0; /* read error or different file size */
|
||||
else if (!len1) /* len2 is also 0; hit EOF on both */
|
||||
break; /* ret is still true */
|
||||
else
|
||||
ret = !memcmp(buf1, buf2, len1);
|
||||
}
|
||||
|
||||
if (fd1 >= 0)
|
||||
close(fd1);
|
||||
if (fd2 >= 0)
|
||||
close(fd2);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user