From 73bb33a94ec67a53e7d805b12ad9264fa25f4f8d Mon Sep 17 00:00:00 2001 From: "Shawn O. Pearce" Date: Thu, 4 Jun 2009 18:33:32 -0700 Subject: daemon: Strictly parse the "extra arg" part of the command Since 1.4.4.5 (49ba83fb67 "Add virtualization support to git-daemon") git daemon enters an infinite loop and never terminates if a client hides any extra arguments in the initial request line which is not exactly "\0host=blah\0". Since that change, a client must never insert additional extra arguments, or attempt to use any argument other than "host=", as any daemon will get stuck parsing the request line and will never complete the request. Since the client can't tell if the daemon is patched or not, it is not possible to know if additional extra args might actually be able to be safely requested. If we ever need to extend the git daemon protocol to support a new feature, we may have to do something like this to the exchange: # If both support git:// v2 # C: 000cgit://v2 S: 0010ok host user C: 0018host git.kernel.org C: 0027git-upload-pack /pub/linux-2.6.git S: ...git-upload-pack header... # If client supports git:// v2, server does not: # C: 000cgit://v2 S: C: 003bgit-upload-pack /pub/linux-2.6.git\0host=git.kernel.org\0 S: ...git-upload-pack header... This requires the client to create two TCP connections to talk to an older git daemon, however all daemons since the introduction of daemon.c will safely reject the unknown "git://v2" command request, so the client can quite easily determine the server supports an older protocol. Signed-off-by: Shawn O. Pearce Signed-off-by: Junio C Hamano --- connect.c | 5 ++++- daemon.c | 10 ++++++---- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/connect.c b/connect.c index f6b8ba6fec..958c831e43 100644 --- a/connect.c +++ b/connect.c @@ -579,7 +579,10 @@ struct child_process *git_connect(int fd[2], const char *url_orig, git_tcp_connect(fd, host, flags); /* * Separate original protocol components prog and path - * from extended components with a NUL byte. + * from extended host header with a NUL byte. + * + * Note: Do not add any other headers here! Doing so + * will cause older git-daemon servers to crash. */ packet_write(fd[1], "%s %s%chost=%s%c", diff --git a/daemon.c b/daemon.c index daa4c8e8c9..b2babcc076 100644 --- a/daemon.c +++ b/daemon.c @@ -406,15 +406,15 @@ static char *xstrdup_tolower(const char *str) } /* - * Separate the "extra args" information as supplied by the client connection. + * Read the host as supplied by the client connection. */ -static void parse_extra_args(char *extra_args, int buflen) +static void parse_host_arg(char *extra_args, int buflen) { char *val; int vallen; char *end = extra_args + buflen; - while (extra_args < end && *extra_args) { + if (extra_args < end && *extra_args) { saw_extended_args = 1; if (strncasecmp("host=", extra_args, 5) == 0) { val = extra_args + 5; @@ -436,6 +436,8 @@ static void parse_extra_args(char *extra_args, int buflen) /* On to the next one */ extra_args = val + vallen; } + if (extra_args < end && *extra_args) + die("Invalid request"); } /* @@ -545,7 +547,7 @@ static int execute(struct sockaddr *addr) hostname = canon_hostname = ip_address = tcp_port = NULL; if (len != pktlen) - parse_extra_args(line + len + 1, pktlen - len - 1); + parse_host_arg(line + len + 1, pktlen - len - 1); for (i = 0; i < ARRAY_SIZE(daemon_service); i++) { struct daemon_service *s = &(daemon_service[i]); -- cgit v1.2.1 From 801a011dcf41f0415dee81f0500673e058bdee30 Mon Sep 17 00:00:00 2001 From: Thomas Rast Date: Sat, 6 Jun 2009 15:11:07 +0200 Subject: Documentation: refer to gitworkflows(7) from tutorial and git(1) Add references to the gitworkflows(7) manpage added in f948dd8 (Documentation: add manpage about workflows, 2008-10-19) to both gittutorial(1) and git(1), so that new users might actually discover and read it. Noticed by Randal L. Schwartz. Signed-off-by: Thomas Rast Signed-off-by: Junio C Hamano --- Documentation/git.txt | 5 ++++- Documentation/gittutorial.txt | 4 ++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Documentation/git.txt b/Documentation/git.txt index 9d8f236fe8..3589a12e49 100644 --- a/Documentation/git.txt +++ b/Documentation/git.txt @@ -227,6 +227,8 @@ The link:user-manual.html#git-concepts[git concepts chapter of the user-manual] and linkgit:gitcore-tutorial[7] both provide introductions to the underlying git architecture. +See linkgit:gitworkflows[7] for an overview of recommended workflows. + See also the link:howto-index.html[howto] documents for some useful examples. @@ -644,7 +646,8 @@ SEE ALSO linkgit:gittutorial[7], linkgit:gittutorial-2[7], link:everyday.html[Everyday Git], linkgit:gitcvs-migration[7], linkgit:gitglossary[7], linkgit:gitcore-tutorial[7], -linkgit:gitcli[7], link:user-manual.html[The Git User's Manual] +linkgit:gitcli[7], link:user-manual.html[The Git User's Manual], +linkgit:gitworkflows[7] GIT --- diff --git a/Documentation/gittutorial.txt b/Documentation/gittutorial.txt index c5d5596d89..c7fa949c28 100644 --- a/Documentation/gittutorial.txt +++ b/Documentation/gittutorial.txt @@ -650,6 +650,9 @@ digressions that may be interesting at this point are: smart enough to perform a close-to-optimal search even in the case of complex non-linear history with lots of merged branches. + * linkgit:gitworkflows[7]: Gives an overview of recommended + workflows. + * link:everyday.html[Everyday GIT with 20 Commands Or So] * linkgit:gitcvs-migration[7]: Git for CVS users. @@ -661,6 +664,7 @@ linkgit:gitcvs-migration[7], linkgit:gitcore-tutorial[7], linkgit:gitglossary[7], linkgit:git-help[1], +linkgit:gitworkflows[7], link:everyday.html[Everyday git], link:user-manual.html[The Git User's Manual] -- cgit v1.2.1