Merge pull request #6429 from csware/safe.directory-wildcard

Add support for "safe.directory *"

2 files changed, 79 insertions, 1 deletions

diff --git a/src/libgit2/repository.c b/src/libgit2/repository.c
index dd443a630..df41f581c 100644
--- a/src/libgit2/repository.c
+++ b/src/libgit2/repository.c
@@ -498,7 +498,9 @@ static int validate_ownership_cb(const git_config_entry *entry, void *payload)
 	if (strcmp(entry->value, "") == 0)
 		*data->is_safe = false;
 
-	if (git_fs_path_prettify_dir(&data->tmp, entry->value, NULL) == 0 &&
+	if (strcmp(entry->value, "*") == 0)
+		*data->is_safe = true;
+	else if (git_fs_path_prettify_dir(&data->tmp, entry->value, NULL) == 0 &&
 	    strcmp(data->tmp.ptr, data->repo_path) == 0)
 		*data->is_safe = true;
 
diff --git a/tests/libgit2/repo/open.c b/tests/libgit2/repo/open.c
index a7e7828ab..d835240b7 100644
--- a/tests/libgit2/repo/open.c
+++ b/tests/libgit2/repo/open.c
@@ -575,6 +575,45 @@ void test_repo_open__can_allowlist_dirs_with_problematic_ownership(void)
 	git_str_dispose(&config_data);
 }
 
+void test_repo_open__can_wildcard_allowlist_with_problematic_ownership(void)
+{
+	git_repository *repo;
+	git_str config_path = GIT_STR_INIT, config_filename = GIT_STR_INIT;
+
+	cl_git_pass(git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 1));
+
+	cl_fixture_sandbox("empty_standard_repo");
+	cl_git_pass(cl_rename(
+	        "empty_standard_repo/.gitted", "empty_standard_repo/.git"));
+
+	git_fs_path__set_owner(GIT_FS_PATH_OWNER_OTHER);
+	cl_git_fail_with(
+	        GIT_EOWNER, git_repository_open(&repo, "empty_standard_repo"));
+
+	/* Add safe.directory options to the global configuration */
+	git_str_joinpath(&config_path, clar_sandbox_path(), "__global_config");
+	cl_must_pass(p_mkdir(config_path.ptr, 0777));
+	git_libgit2_opts(
+	        GIT_OPT_SET_SEARCH_PATH, GIT_CONFIG_LEVEL_GLOBAL,
+	        config_path.ptr);
+
+	git_str_joinpath(&config_filename, config_path.ptr, ".gitconfig");
+
+	cl_git_rewritefile(config_filename.ptr, "[foo]\n"
+	        "\tbar = Foobar\n"
+	        "\tbaz = Baz!\n"
+	        "[safe]\n"
+	        "\tdirectory = *\n"
+	        "[bar]\n"
+	        "\tfoo = barfoo\n");
+
+	cl_git_pass(git_repository_open(&repo, "empty_standard_repo"));
+	git_repository_free(repo);
+
+	git_str_dispose(&config_path);
+	git_str_dispose(&config_filename);
+}
+
 void test_repo_open__can_allowlist_bare_gitdir(void)
 {
 	git_repository *repo;
@@ -619,6 +658,43 @@ void test_repo_open__can_allowlist_bare_gitdir(void)
 	git_str_dispose(&config_data);
 }
 
+void test_repo_open__can_wildcard_allowlist_bare_gitdir(void)
+{
+	git_repository *repo;
+	git_str config_path = GIT_STR_INIT, config_filename = GIT_STR_INIT;
+
+	cl_git_pass(git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 1));
+
+	cl_fixture_sandbox("testrepo.git");
+
+	git_fs_path__set_owner(GIT_FS_PATH_OWNER_OTHER);
+	cl_git_fail_with(
+	        GIT_EOWNER, git_repository_open(&repo, "testrepo.git"));
+
+	/* Add safe.directory options to the global configuration */
+	git_str_joinpath(&config_path, clar_sandbox_path(), "__global_config");
+	cl_must_pass(p_mkdir(config_path.ptr, 0777));
+	git_libgit2_opts(
+	        GIT_OPT_SET_SEARCH_PATH, GIT_CONFIG_LEVEL_GLOBAL,
+	        config_path.ptr);
+
+	git_str_joinpath(&config_filename, config_path.ptr, ".gitconfig");
+
+	cl_git_rewritefile(config_filename.ptr, "[foo]\n"
+	        "\tbar = Foobar\n"
+	        "\tbaz = Baz!\n"
+	        "[safe]\n"
+	        "\tdirectory = *\n"
+	        "[bar]\n"
+	        "\tfoo = barfoo\n");
+
+	cl_git_pass(git_repository_open(&repo, "testrepo.git"));
+	git_repository_free(repo);
+
+	git_str_dispose(&config_path);
+	git_str_dispose(&config_filename);
+}
+
 void test_repo_open__can_reset_safe_directory_list(void)
 {
 	git_repository *repo;