Tree - rpms/git - CentOS Git server

rpms / git

Files

Commit: ebbc281b9184659e6c099a8dfba6db0c8f652d27

Blob Blame History Raw

 From 654dbd112ab7cbe0a162afaab645a971da62d433 Mon Sep 17 00:00:00 2001
From: Petr Stodulka <pstodulk@redhat.com>
Date: Wed, 17 May 2017 11:37:01 +0200
Subject: [PATCH] Fix CVE-2017-8386
 
See the commit 3ec804490 in upstream repository for more info.
---
 shell.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 
diff --git a/shell.c b/shell.c
index 1429870..72ed0fa 100644
--- a/shell.c
+++ b/shell.c
@@ -13,7 +13,7 @@ static int do_generic_cmd(const char *me, char *arg)
 	const char *my_argv[4];
 
 	setup_path();
-	if (!arg || !(arg = sq_dequote(arg)))
+	if (!arg || !(arg = sq_dequote(arg)) || *arg == '-')
 		die("bad argument");
 	if (prefixcmp(me, "git-"))
 		die("bad command");
-- 
2.9.4

	From 654dbd112ab7cbe0a162afaab645a971da62d433 Mon Sep 17 00:00:00 2001
	From: Petr Stodulka <pstodulk@redhat.com>
	Date: Wed, 17 May 2017 11:37:01 +0200
	Subject: [PATCH] Fix CVE-2017-8386

	See the commit 3ec804490 in upstream repository for more info.
	---
	shell.c \| 2 +-
	1 file changed, 1 insertion(+), 1 deletion(-)

	diff --git a/shell.c b/shell.c
	index 1429870..72ed0fa 100644
	--- a/shell.c
	+++ b/shell.c
	@@ -13,7 +13,7 @@ static int do_generic_cmd(const char me, char arg)
	const char *my_argv[4];

	setup_path();
	- if (!arg \|\| !(arg = sq_dequote(arg)))
	+ if (!arg \|\| !(arg = sq_dequote(arg)) \|\| *arg == '-')
	die("bad argument");
	if (prefixcmp(me, "git-"))
	die("bad command");
	--
	2.9.4

rpms / git

Source Code

Files