submodule: gracefully handle links in module paths #2041
+20
−7
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/preview |
|
Preview email sent as pull.2041.git.git.1756335079502.gitgitgadget@gmail.com |
|
/preview |
|
Preview email sent as pull.2041.git.git.1756336187268.gitgitgadget@gmail.com |
|
I speak English American USA
Yahoo Mail: Search, Organize, Conquer
On Thu, Aug 28, 2025 at 5:15 AM, ***@***.***> wrote: Khoshi76 left a comment (git/git#2041)
5_osx-gcc (macos-13).txt
0_config.txt
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
|
|
Why is your username my daughter's name don't
Yahoo Mail: Search, Organize, Conquer
On Thu, Aug 28, 2025 at 5:30 AM, thug ***@***.***> wrote: I speak English American USA
Yahoo Mail: Search, Organize, Conquer
|
|
Let me get one thing straight don't play with me I ain't with that shit but I'm about that shit so don't be playing my mother fucking face don't do that
Yahoo Mail: Search, Organize, Conquer
On Thu, Aug 28, 2025 at 5:31 AM, thug ***@***.***> wrote: Why is your username my daughter's name don't
Yahoo Mail: Search, Organize, Conquer
On Thu, Aug 28, 2025 at 5:30 AM, thug ***@***.***> wrote: I speak English American USA
Yahoo Mail: Search, Organize, Conquer
|
Due to security concerns the commit e8d0608 (submodule: require the submodule path to contain directories only, 2024-03-26) introduced some checks and hard `exit(128)` calls for the case that a submodule path contains symbolic links. This change was motivated by CVE-2024-32002, which was discovered shortly before. Consequently, git currently aborts actions of which some could be continued by not processing the faulty module. As an example, one of these actions that may be aborted is showing a diff with diff.submodule set to `log` or `diff`: Let's assume a repository where a submodule was moved and its old path replaced with a symlink pointing to the new location. A git-show on an older commit from before the move that also touches the module will now have only partial output. If the submodule is the first file to list, there will be no diff at all after the commit message. Other examples for actions that are aborted after already being started are fetching and pushing with their respective recurseSubmodules turned on. Handle these cases more gracefully by returning an error value instead of dying, if possible. This was done only in functions that already supported returning an error. With this change the mentioned git-show will display the full diff and show a "(commits not present)" for the submodule - the same is done currently when a submodule is simply moved. The fetch and push will complete their action while skipping the faulty module and printing an error message. Signed-off-by: Julian Prein <julian@druck.dev>
druckdev
force-pushed
the
pr2041-graceful-submodule-links
branch
from
61e6b6a to
96e5770
Compare
|
/preview |
|
Preview email sent as pull.2041.git.git.1756382645725.gitgitgadget@gmail.com |
|
/preview |
|
Preview email sent as pull.2041.git.git.1756384478802.gitgitgadget@gmail.com |
|
/submit |
|
Submitted as pull.2041.git.git.1756385026051.gitgitgadget@gmail.com To fetch this version into To fetch this version to local tag |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello,
I'm submitting this patch primarily to fix the issue described with
diff.submodule. I maintain a repository in which this kind of move
occurred, and I have diff.submodule set to
log. With current git Ican't properly display some older commits. Changing
submodule_to_gitdirwould be sufficient to address this, but I noticedmore places doing the same thing (
exit(128)even though an error valuecould be returned), so I changed these as well.
Since this is security-relevant, and I'm not very familiar with the
codebase, I probably lack the foresight to foresee all consequences of
this change. For this reason, I'm submitting this as an RFC and without
any tests for now. If you deem this patch reasonable, I'd be happy to
write tests and add them to a future version.
Thanks,
Julian
CC: Johannes Schindelin johannes.schindelin@gmx.de