set safe.directory when getting config for git-annex-shell or git remotes

Fix more breakage caused by git's fix for CVE-2022-24765, this time
involving a remote (either local or ssh) that is a repository not owned by
the current user.

Sponsored-by: Dartmouth College's DANDI project
This commit is contained in:
Joey Hess 2023-09-07 14:36:16 -04:00
parent 32cb2bd3fa
commit cbfd214993
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
10 changed files with 75 additions and 4 deletions

View file

@ -1,6 +1,6 @@
{- git-annex-shell main program
-
- Copyright 2010-2021 Joey Hess <id@joeyh.name>
- Copyright 2010-2023 Joey Hess <id@joeyh.name>
-
- Licensed under the GNU AGPL version 3 or higher.
-}
@ -18,6 +18,7 @@ import CmdLine.GitAnnexShell.Checks
import CmdLine.GitAnnexShell.Fields
import Remote.GCrypt (getGCryptUUID)
import P2P.Protocol (ServerMode(..))
import Git.Types
import qualified Command.ConfigList
import qualified Command.NotifyChanges
@ -123,7 +124,12 @@ builtin cmd dir params = do
mkrepo = do
r <- Git.Construct.repoAbsPath (toRawFilePath dir)
>>= Git.Construct.fromAbsPath
Git.Config.read r
{- Since the path to the repository was specified
- explicitly, CVE-2022-24765 is not a concern,
- so tell git to treat the repository directory as safe.
-}
let r' = r { safeDirectory = True }
Git.Config.read r'
`catchIO` \_ -> do
hn <- fromMaybe "unknown" <$> getHostname
giveup $ "failed to read git config of git repository in " ++ hn ++ " on " ++ dir ++ "; perhaps this repository is not set up correctly or has moved"