Closes request #28889: Harden calls to Git CLI against argument injection

The goal is to prevent the possibility for a malicious user to execute arbitrary commands/write arbitrary files (see CVE-2021-29472 for example). No significant functional changes expected.

Change-Id: I5d03f184acbde07faaf1890a713c2b02779c6f21

Modified Files

Name
M plugins/git/include/CommitMetadata/AuthorRetriever.php +3 −4
M plugins/git/include/CommitMetadata/CommitMessageRetriever.php +1 −2
M plugins/git/include/Git/Driver/Gerrit/ProjectCreator.class.php +1 −1
M plugins/git/include/GitPHP/git/Archive.php +1 −0
M plugins/git/include/GitPHP/git/Commit.php +1 −0
M plugins/git/include/GitPHP/git/Ref.php +1 −0
M plugins/git/include/Git_Exec.class.php +31 −39
M plugins/git/tests/unit/CommitMetadata/CommitMessageRetrieverTest.php +1 −1
M plugins/git/tests/unit/Git_ExecTest.php +4 −5
M plugins/pullrequest/include/PullRequest/GitExec.php +9 −9
M plugins/pullrequest/include/PullRequest/PullRequestCreator.php +3 −2