diff options
author | Shawn Pearce <spearce@spearce.org> | 2013-01-31 13:02:07 -0800 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2013-02-04 10:22:36 -0800 |
commit | 4656bf47fca857df51b5d6f4b7b052192b3b2317 (patch) | |
tree | 91e4d6cf951f2964de99d454ec89e426753ac453 /t/lib-httpd | |
parent | e1b6ff44d61bcdd91280c3f7c3c5ace32d4b7c52 (diff) | |
download | git-4656bf47fca857df51b5d6f4b7b052192b3b2317.tar.gz |
Verify Content-Type from smart HTTP servers
Before parsing a suspected smart-HTTP response verify the returned
Content-Type matches the standard. This protects a client from
attempting to process a payload that smells like a smart-HTTP
server response.
JGit has been doing this check on all responses since the dawn of
time. I mistakenly failed to include it in git-core when smart HTTP
was introduced. At the time I didn't know how to get the Content-Type
from libcurl. I punted, meant to circle back and fix this, and just
plain forgot about it.
Signed-off-by: Shawn Pearce <spearce@spearce.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/lib-httpd')
-rw-r--r-- | t/lib-httpd/apache.conf | 4 | ||||
-rwxr-xr-x | t/lib-httpd/broken-smart-http.sh | 11 |
2 files changed, 15 insertions, 0 deletions
diff --git a/t/lib-httpd/apache.conf b/t/lib-httpd/apache.conf index fe76e84b74..938b4cf803 100644 --- a/t/lib-httpd/apache.conf +++ b/t/lib-httpd/apache.conf @@ -62,9 +62,13 @@ Alias /auth/dumb/ www/auth/dumb/ SetEnv GIT_COMMITTER_EMAIL custom@example.com </LocationMatch> ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1 +ScriptAlias /broken_smart/ broken-smart-http.sh/ <Directory ${GIT_EXEC_PATH}> Options FollowSymlinks </Directory> +<Files broken-smart-http.sh> + Options ExecCGI +</Files> <Files ${GIT_EXEC_PATH}/git-http-backend> Options ExecCGI </Files> diff --git a/t/lib-httpd/broken-smart-http.sh b/t/lib-httpd/broken-smart-http.sh new file mode 100755 index 0000000000..f7ebfffa80 --- /dev/null +++ b/t/lib-httpd/broken-smart-http.sh @@ -0,0 +1,11 @@ +#!/bin/sh +printf "Content-Type: text/%s\n" "html" +echo +printf "%s\n" "001e# service=git-upload-pack" +printf "%s" "0000" +printf "%s%c%s%s\n" \ + "00a58681d9f286a48b08f37b3a095330da16689e3693 HEAD" \ + 0 \ + " include-tag multi_ack_detailed multi_ack ofs-delta" \ + " side-band side-band-64k thin-pack no-progress shallow no-done " +printf "%s" "0000" |