This repository was archived by the owner on Sep 30, 2024. It is now read-only.
gitserver: use cat-file for reading blobs containing ..#52605
Merged
Conversation
0c14f88 to
ac5ab43
Compare
We special case ".." in path to running a less efficient two commands. For other paths we can rely on the faster git show. git show will try and resolve revisions on anything containing "..". Depending on what branches/files exist, this can lead to: - error: object $SHA is a tree, not a commit - fatal: Invalid symmetric difference expression $SHA:$name - outputting a diff instead of the file The last point is a security issue for repositories with sub-repo permissions since the diff will not be filtered. Test Plan: wrote tests and test e2e
ac5ab43 to
d883ddc
Compare
Member
Author
|
I cleaned up this PR and added tests. I'd like to land this today to backport it to the patch release we are cutting today given this will fix an issue at a customer. |
Contributor
|
Codenotify: Notifying subscribers in CODENOTIFY files for diff abad81b...7aff26a.
|
sashaostrikov
approved these changes
May 31, 2023
sashaostrikov
left a comment
Contributor
There was a problem hiding this comment.
Thanks for finding and fixing this! 🙏🏻
evict
approved these changes
May 31, 2023
Member
Author
|
Running into the test failing on CI but not locally. I am guessing this is a difference between my local git and what is running on CI. After digging into the git history it seems this is actually a bug in I'll see if I can find a more reliable way to lookup the blob OID of a path. |
Believe I am running into a bug in ls-tree for the version of git running on CI
its possible the version of git on ci doesn't yet support --format
github-actions Bot
pushed a commit
that referenced
this pull request
May 31, 2023
We special case ".." in path to running a less efficient two commands. For other paths we can rely on the faster git show. git show will try and resolve revisions on anything containing "..". Depending on what branches/files exist, this can lead to: - error: object $SHA is a tree, not a commit - fatal: Invalid symmetric difference expression $SHA:$name - outputting a diff instead of the file The last point is a security issue for repositories with sub-repo permissions since the diff will not be filtered. Test Plan: wrote tests and test e2e (cherry picked from commit 9d52321)
keegancsmith
added a commit
that referenced
this pull request
May 31, 2023
#52688) We special case ".." in path to running a less efficient two commands. For other paths we can rely on the faster git show. git show will try and resolve revisions on anything containing "..". Depending on what branches/files exist, this can lead to: - error: object $SHA is a tree, not a commit - fatal: Invalid symmetric difference expression $SHA:$name - outputting a diff instead of the file The last point is a security issue for repositories with sub-repo permissions since the diff will not be filtered. Test Plan: wrote tests and test e2e Backport 9d52321 from #52605 Co-authored-by: Keegan Carruthers-Smith <keegan.csmith@gmail.com>
ErikaRS
pushed a commit
that referenced
this pull request
Jun 22, 2023
We special case ".." in path to running a less efficient two commands. For other paths we can rely on the faster git show. git show will try and resolve revisions on anything containing "..". Depending on what branches/files exist, this can lead to: - error: object $SHA is a tree, not a commit - fatal: Invalid symmetric difference expression $SHA:$name - outputting a diff instead of the file The last point is a security issue for repositories with sub-repo permissions since the diff will not be filtered. Test Plan: wrote tests and test e2e
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We special case ".." in path to running a less efficient two commands. For other paths we can rely on the faster git show.
git show will try and resolve revisions on anything containing "..". Depending on what branches/files exist, this can lead to:
The last point is a security issue for repositories with sub-repo permissions since the diff will not be filtered.
Test Plan: wrote tests and test e2e