Package: git / 1:2.11.0-3+deb9u4

fsck-call-fsck_finish-after-fscking-objects.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
From dbac7616fb804a0f9a52d28281167d372794cbe1 Mon Sep 17 00:00:00 2001
From: Jeff King <peff@peff.net>
Date: Wed, 2 May 2018 17:20:35 -0400
Subject: fsck: call fsck_finish() after fscking objects

commit 1995b5e03e1cc97116be58cdc0502d4a23547856 upstream.

Now that the internal fsck code is capable of checking
.gitmodules files, we just need to teach its callers to use
the "finish" function to check any queued objects.

With this, we can now catch the malicious case in t7415 with
git-fsck.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
---
 builtin/fsck.c             | 3 +++
 t/t7415-submodule-names.sh | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/builtin/fsck.c b/builtin/fsck.c
index 95053ec02f..62f4fe9139 100644
--- a/builtin/fsck.c
+++ b/builtin/fsck.c
@@ -691,6 +691,9 @@ int cmd_fsck(int argc, const char **argv, const char *prefix)
 			count += p->num_objects;
 		}
 		stop_progress(&progress);
+
+		if (fsck_finish(&fsck_obj_options))
+			errors_found |= ERROR_OBJECT;
 	}
 
 	heads = 0;
diff --git a/t/t7415-submodule-names.sh b/t/t7415-submodule-names.sh
index de95ba8034..6456be2ec1 100755
--- a/t/t7415-submodule-names.sh
+++ b/t/t7415-submodule-names.sh
@@ -74,4 +74,8 @@ test_expect_success 'clone evil superproject' '
 	! grep "RUNNING POST CHECKOUT" output
 '
 
+test_expect_success 'fsck detects evil superproject' '
+	test_must_fail git fsck
+'
+
 test_done
-- 
2.17.0.921.gf22659ad46