Merge pull request #848 from josephvusich/fix/cve-2018-11235

config: modules, worktree: Submodule fixes for CVE-2018-11235
author: Máximo Cuadros <mcuadros@gmail.com> 2018-06-06 10:08:40 +0200
committer: GitHub <noreply@github.com> 2018-06-06 10:08:40 +0200
commit: d33d3efff3e5aa7ac1be2c97f4dd1ac2190f00e2 (patch)
tree: d17ac93f9f75d81410389e255af854f7b2aae006 /worktree.go
parent: ae788cfabbc02c2f836f5d8c3cc18021a97e9a88 (diff)
parent: d87faeca21e6f416e88ae3d24dae58845d7487d4 (diff)
download: go-git-d33d3efff3e5aa7ac1be2c97f4dd1ac2190f00e2.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/worktree.go b/worktree.go
index ddf6fff..99b2cd1 100644
--- a/worktree.go
+++ b/worktree.go
@@ -28,6 +28,7 @@ var (
 	ErrWorktreeNotClean  = errors.New("worktree is not clean")
 	ErrSubmoduleNotFound = errors.New("submodule not found")
 	ErrUnstagedChanges   = errors.New("worktree contains unstaged changes")
+	ErrGitModulesSymlink = errors.New(gitmodulesFile + " is a symlink")
 )
 
 // Worktree represents a git worktree.
@@ -680,7 +681,18 @@ func (w *Worktree) newSubmodule(fromModules, fromConfig *config.Submodule) *Subm
 	return m
 }
 
+func (w *Worktree) isSymlink(path string) bool {
+	if s, err := w.Filesystem.Lstat(path); err == nil {
+		return s.Mode()&os.ModeSymlink != 0
+	}
+	return false
+}
+
 func (w *Worktree) readGitmodulesFile() (*config.Modules, error) {
+	if w.isSymlink(gitmodulesFile) {
+		return nil, ErrGitModulesSymlink
+	}
+
 	f, err := w.Filesystem.Open(gitmodulesFile)
 	if err != nil {
 		if os.IsNotExist(err) {
author	Máximo Cuadros <mcuadros@gmail.com>	2018-06-06 10:08:40 +0200
committer	GitHub <noreply@github.com>	2018-06-06 10:08:40 +0200
commit	d33d3efff3e5aa7ac1be2c97f4dd1ac2190f00e2 (patch)
tree	d17ac93f9f75d81410389e255af854f7b2aae006 /worktree.go
parent	ae788cfabbc02c2f836f5d8c3cc18021a97e9a88 (diff)
parent	d87faeca21e6f416e88ae3d24dae58845d7487d4 (diff)
download	go-git-d33d3efff3e5aa7ac1be2c97f4dd1ac2190f00e2.tar.gz