
Conversation

@ogr3
Contributor

@ogr3 ogr3 commented Mar 20, 2017

The approach is to wait with evaluation of the parts that contain the branch names until PS1 is rendered.

This patch handles both the ordinary branch name as well as the upstream branch name.

Try to fix #310.

Credits to @chmike and @jayrhynas

Steps to reproduce the bug and see if the fix works:

# demo repository whose checked-out branch is literally named $(./pw3n);
# rendering the prompt inside it runs ./pw3n on an unpatched bash-git-prompt
git clone https://github.com/njhartwell/pw3nage.git
cd pw3nage
# also show the upstream branch name (second expected result below)
GIT_PROMPT_SHOW_UPSTREAM=1
# back to the plain branch name (first expected result below)
unset GIT_PROMPT_SHOW_UPSTREAM

Expected result when fixed without upstream info:

[$(./pw3n)|✔] ✔

With upstream info:

[$(./pw3n) {origin/$(./pw3n)}|✔] ✔
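The two ways of getting a branch name into PS1 that this PR is about, as an added example that is not code from bash-git-prompt or from this PR. Bash renders PS1 by decoding the prompt escapes and then, with the default `shopt -s promptvars`, running parameter expansion, command substitution and arithmetic expansion over the result; `${var@P}` (bash 4.4 and later) performs that same rendering on any string, which is what lets this run offline without an interactive shell. The function names, the `GIT_BRANCH`/`GIT_UPSTREAM` placeholder variables and the hostile branch name `$(echo PWNED)` (a harmless stand-in for the demo repo's `$(./pw3n)`) are this example's own assumptions.

```bash
#!/usr/bin/env bash
# Added example, not bash-git-prompt's code: shows why a branch name that
# contains "$(...)" executes when it is spliced into PS1, and how deferring
# its evaluation until the prompt is rendered stops that.

# Constructed hostile branch name. The pw3nage demo uses "$(./pw3n)"; echo is
# used here so the effect is visible in the output without side effects.
HOSTILE_BRANCH='$(echo PWNED)'

# Render a prompt string the way the interactive shell would when it displays
# PS1. ${s@P} is the real prompt expansion (bash >= 4.4); on older bash an
# eval pass approximates the promptvars step.
render_prompt() {
  local s="$1"
  if (( BASH_VERSINFO[0] > 4 || (BASH_VERSINFO[0] == 4 && BASH_VERSINFO[1] >= 4) )); then
    printf '%s' "${s@P}"
  else
    eval "printf '%s' \"$s\""
  fi
}

# Vulnerable pattern: the branch and upstream names are interpolated into the
# prompt string itself, so their text is re-expanded every time the prompt is
# drawn, and a "$(...)" inside a name becomes a command substitution.
build_ps1_vulnerable() {
  local branch="$1" upstream="${2:-}"
  PS1="[${branch}"
  if [ -n "$upstream" ]; then PS1+=" {${upstream}}"; fi
  PS1+="|✔] "
}

# Fixed pattern (the deferred-evaluation approach the PR describes): only the
# literal placeholders ${GIT_BRANCH} / ${GIT_UPSTREAM} go into the prompt
# string, written in single quotes so they are not expanded here. Prompt
# rendering expands each placeholder exactly once and does not rescan the
# value it produced, so "$(...)" inside a branch name stays plain text.
build_ps1_fixed() {
  GIT_BRANCH="$1"
  GIT_UPSTREAM="${2:-}"
  PS1='[${GIT_BRANCH}'
  if [ -n "$GIT_UPSTREAM" ]; then PS1+=' {${GIT_UPSTREAM}}'; fi
  PS1+='|✔] '
}

# Build, then render: returns the text a user would actually see.
# (Builders set PS1 as a global, so call them directly, not in a subshell.)
show_vulnerable() { build_ps1_vulnerable "$@"; render_prompt "$PS1"; }
show_fixed()      { build_ps1_fixed "$@";      render_prompt "$PS1"; }

# When run directly, print both outcomes for the hostile name, with and
# without an upstream of the form origin/<branch>, mirroring the PR's two
# expected results.
if [ "${BASH_SOURCE[0]}" = "$0" ]; then
  printf 'vulnerable:          %s\n' "$(show_vulnerable "$HOSTILE_BRANCH")"
  printf 'vulnerable+upstream: %s\n' "$(show_vulnerable "$HOSTILE_BRANCH" "origin/$HOSTILE_BRANCH")"
  printf 'fixed:               %s\n' "$(show_fixed "$HOSTILE_BRANCH")"
  printf 'fixed+upstream:      %s\n' "$(show_fixed "$HOSTILE_BRANCH" "origin/$HOSTILE_BRANCH")"
fi
```

The vulnerable build renders as `[PWNED|✔] ` (the command ran), the fixed one as `[$(echo PWNED)|✔] `, which is the form the expected results above show. The user-side mitigation, independent of any prompt script, is `shopt -u promptvars`: with promptvars off bash still decodes `\u`, `\w` and the other prompt escapes but performs no parameter expansion or command substitution on PS1 at all, so `${GIT_BRANCH}`-style placeholders then need a different mechanism (for example PROMPT_COMMAND building the final string).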

@ogr3
Contributor Author

ogr3 commented Mar 20, 2017

Good catch - makes the patch even leaner.

@ogr3 ogr3 changed the title from "Wait with evaluation of the parts that contain the branch names until…" to "[security] Fix for #310" on Mar 21, 2017
@magicmonty magicmonty merged commit 46aaea2 into magicmonty:master Mar 26, 2017
@magicmonty
Owner

Seems to work for me. Thanks @ogr3

@MPLew-is MPLew-is mentioned this pull request May 18, 2020
MPLew-is added a commit to MPLew-is/bash-git-prompt that referenced this pull request Dec 1, 2020
The differences between bash and zsh's prompt evaluation apparently result in one fewer level of evaluation under zsh than under bash, meaning that the security fix in magicmonty#313 results in the branch name not being rendered on zsh.
This just disables the fix, since zsh does not seem to be vulnerable to the same issue.
@MPLew-is
Contributor

@guenhter your recent changes have undone this fix: running the reproduction steps above again on the latest master results in arbitrary code execution!

@MPLew-is
Contributor

Looks like I was too hasty to assign blame; running a git bisect shows it was @magicmonty that undid this in 21063bc.

Development

Successfully merging this pull request may close these issues.

Security issue with bash-git-prompt ?

4 participants