From f4d4fd1a7c0ec854d91cd6aa1820eefb23a69327 Mon Sep 17 00:00:00 2001 From: tabudz Date: Mon, 3 Mar 2025 18:44:44 +0800 Subject: [PATCH] Protect against 8.3 "short name" attacks also on Linux/macOS The Windows Subsystem for Linux (WSL) is getting increasingly popular, in particular because it makes it _so_ easy to run Linux software on Windows' files, via the auto-mounted Windows drives (`C:\` is mapped to `/mnt/c/`, no need to set that up manually). Unfortunately, files/directories on the Windows drives can be accessed via their _short names_, if that feature is enabled (which it is on the `C:` drive by default). Which means that we have to safeguard even our Linux users against the short name attacks. Further, while the default options of CIFS/SMB-mounts seem to disallow accessing files on network shares via their short names on Linux/macOS, it _is_ possible to do so with the right options. So let's just safe-guard against short name attacks _everywhere_. Signed-off-by: Johannes Schindelin --- .../vendor/rugged-1.9.0/vendor/libgit2/src/libgit2/checkout.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/server/ruby/vendor/rugged-1.9.0/vendor/libgit2/src/libgit2/checkout.c b/app/server/ruby/vendor/rugged-1.9.0/vendor/libgit2/src/libgit2/checkout.c index f4b1ea96f8..a150b6fcdf 100644 --- a/app/server/ruby/vendor/rugged-1.9.0/vendor/libgit2/src/libgit2/checkout.c +++ b/app/server/ruby/vendor/rugged-1.9.0/vendor/libgit2/src/libgit2/checkout.c @@ -1290,7 +1290,7 @@ static int checkout_verify_paths( int action, git_diff_delta *delta) { - unsigned int flags = GIT_PATH_REJECT_WORKDIR_DEFAULTS; + unsigned int flags = GIT_PATH_REJECT_WORKDIR_DEFAULTS | GIT_PATH_REJECT_DOT_GIT_NTFS; if (action & CHECKOUT_ACTION__REMOVE) { if (!git_path_is_valid(repo, delta->old_file.path, delta->old_file.mode, flags)) {
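Review bot: The hunk adds GIT_PATH_REJECT_DOT_GIT_NTFS only to the `flags` initialiser in checkout_verify_paths(), and the visible context shows that variable reaching git_path_is_valid() just for delta->old_file.path in the CHECKOUT_ACTION__REMOVE branch; the hunk is cut before the rest of the function, so please confirm the same `flags` value is what validates delta->new_file.path as well, otherwise the commit message's "safe-guard against short name attacks everywhere" is only true for removals. Two more things for the description: this edits a vendored copy (rugged-1.9.0/vendor/libgit2) rather than upstream, so cite the upstream libgit2 commit this is backported from (the Signed-off-by differs from the From: author) so the change is not silently dropped on the next rugged bump; and add a regression test showing that, on Linux/macOS, checking out a tree entry whose name collides with the NTFS short name of the `.git` directory is now rejected, since nothing in the patch exercises the new flag.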