Avoiding directory execution on hook (#10954) (#10955)

* test -x is not enough https://stackoverflow.com/a/39489087
tokarchuk/v1.17
Vasil Mikhalenya 5 years ago committed by GitHub
parent 2a06d3a590
commit 240258a3e5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-receive
  2. 2
      integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive
  3. 2
      integrations/gitea-repositories-meta/user2/repo20.git/hooks/update
  4. 2
      integrations/gitea-repositories-meta/user27/template1.git/hooks/post-receive
  5. 2
      integrations/gitea-repositories-meta/user27/template1.git/hooks/pre-receive
  6. 2
      integrations/gitea-repositories-meta/user27/template1.git/hooks/update
  7. 6
      modules/repository/hooks.go

@ -5,7 +5,7 @@ hookname=$(basename $0)
GIT_DIR=${GIT_DIR:-$(dirname $0)} GIT_DIR=${GIT_DIR:-$(dirname $0)}
for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
test -x "${hook}" || continue test -x "${hook}" && test -f "${hook}" || continue
echo "${data}" | "${hook}" echo "${data}" | "${hook}"
exitcodes="${exitcodes} $?" exitcodes="${exitcodes} $?"
done done

@ -5,7 +5,7 @@ hookname=$(basename $0)
GIT_DIR=${GIT_DIR:-$(dirname $0)} GIT_DIR=${GIT_DIR:-$(dirname $0)}
for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
test -x "${hook}" || continue test -x "${hook}" && test -f "${hook}" || continue
echo "${data}" | "${hook}" echo "${data}" | "${hook}"
exitcodes="${exitcodes} $?" exitcodes="${exitcodes} $?"
done done

@ -4,7 +4,7 @@ hookname=$(basename $0)
GIT_DIR=${GIT_DIR:-$(dirname $0)} GIT_DIR=${GIT_DIR:-$(dirname $0)}
for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
test -x "${hook}" || continue test -x "${hook}" && test -f "${hook}" || continue
"${hook}" $1 $2 $3 "${hook}" $1 $2 $3
exitcodes="${exitcodes} $?" exitcodes="${exitcodes} $?"
done done

@ -5,7 +5,7 @@ hookname=$(basename $0)
GIT_DIR=${GIT_DIR:-$(dirname $0)} GIT_DIR=${GIT_DIR:-$(dirname $0)}
for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
test -x "${hook}" || continue test -x "${hook}" && test -f "${hook}" || continue
echo "${data}" | "${hook}" echo "${data}" | "${hook}"
exitcodes="${exitcodes} $?" exitcodes="${exitcodes} $?"
done done

@ -5,7 +5,7 @@ hookname=$(basename $0)
GIT_DIR=${GIT_DIR:-$(dirname $0)} GIT_DIR=${GIT_DIR:-$(dirname $0)}
for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
test -x "${hook}" || continue test -x "${hook}" && test -f "${hook}" || continue
echo "${data}" | "${hook}" echo "${data}" | "${hook}"
exitcodes="${exitcodes} $?" exitcodes="${exitcodes} $?"
done done

@ -4,7 +4,7 @@ hookname=$(basename $0)
GIT_DIR=${GIT_DIR:-$(dirname $0)} GIT_DIR=${GIT_DIR:-$(dirname $0)}
for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
test -x "${hook}" || continue test -x "${hook}" && test -f "${hook}" || continue
"${hook}" $1 $2 $3 "${hook}" $1 $2 $3
exitcodes="${exitcodes} $?" exitcodes="${exitcodes} $?"
done done

@ -29,9 +29,9 @@ func createDelegateHooks(repoPath string) (err error) {
var ( var (
hookNames = []string{"pre-receive", "update", "post-receive"} hookNames = []string{"pre-receive", "update", "post-receive"}
hookTpls = []string{ hookTpls = []string{
fmt.Sprintf("#!/usr/bin/env %s\ndata=$(cat)\nexitcodes=\"\"\nhookname=$(basename $0)\nGIT_DIR=${GIT_DIR:-$(dirname $0)}\n\nfor hook in ${GIT_DIR}/hooks/${hookname}.d/*; do\ntest -x \"${hook}\" || continue\necho \"${data}\" | \"${hook}\"\nexitcodes=\"${exitcodes} $?\"\ndone\n\nfor i in ${exitcodes}; do\n[ ${i} -eq 0 ] || exit ${i}\ndone\n", setting.ScriptType), fmt.Sprintf("#!/usr/bin/env %s\ndata=$(cat)\nexitcodes=\"\"\nhookname=$(basename $0)\nGIT_DIR=${GIT_DIR:-$(dirname $0)}\n\nfor hook in ${GIT_DIR}/hooks/${hookname}.d/*; do\ntest -x \"${hook}\" && test -f \"${hook}\" || continue\necho \"${data}\" | \"${hook}\"\nexitcodes=\"${exitcodes} $?\"\ndone\n\nfor i in ${exitcodes}; do\n[ ${i} -eq 0 ] || exit ${i}\ndone\n", setting.ScriptType),
fmt.Sprintf("#!/usr/bin/env %s\nexitcodes=\"\"\nhookname=$(basename $0)\nGIT_DIR=${GIT_DIR:-$(dirname $0)}\n\nfor hook in ${GIT_DIR}/hooks/${hookname}.d/*; do\ntest -x \"${hook}\" || continue\n\"${hook}\" $1 $2 $3\nexitcodes=\"${exitcodes} $?\"\ndone\n\nfor i in ${exitcodes}; do\n[ ${i} -eq 0 ] || exit ${i}\ndone\n", setting.ScriptType), fmt.Sprintf("#!/usr/bin/env %s\nexitcodes=\"\"\nhookname=$(basename $0)\nGIT_DIR=${GIT_DIR:-$(dirname $0)}\n\nfor hook in ${GIT_DIR}/hooks/${hookname}.d/*; do\ntest -x \"${hook}\" && test -f \"${hook}\" || continue\n\"${hook}\" $1 $2 $3\nexitcodes=\"${exitcodes} $?\"\ndone\n\nfor i in ${exitcodes}; do\n[ ${i} -eq 0 ] || exit ${i}\ndone\n", setting.ScriptType),
fmt.Sprintf("#!/usr/bin/env %s\ndata=$(cat)\nexitcodes=\"\"\nhookname=$(basename $0)\nGIT_DIR=${GIT_DIR:-$(dirname $0)}\n\nfor hook in ${GIT_DIR}/hooks/${hookname}.d/*; do\ntest -x \"${hook}\" || continue\necho \"${data}\" | \"${hook}\"\nexitcodes=\"${exitcodes} $?\"\ndone\n\nfor i in ${exitcodes}; do\n[ ${i} -eq 0 ] || exit ${i}\ndone\n", setting.ScriptType), fmt.Sprintf("#!/usr/bin/env %s\ndata=$(cat)\nexitcodes=\"\"\nhookname=$(basename $0)\nGIT_DIR=${GIT_DIR:-$(dirname $0)}\n\nfor hook in ${GIT_DIR}/hooks/${hookname}.d/*; do\ntest -x \"${hook}\" && test -f \"${hook}\" || continue\necho \"${data}\" | \"${hook}\"\nexitcodes=\"${exitcodes} $?\"\ndone\n\nfor i in ${exitcodes}; do\n[ ${i} -eq 0 ] || exit ${i}\ndone\n", setting.ScriptType),
} }
giteaHookTpls = []string{ giteaHookTpls = []string{
fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' pre-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf), fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' pre-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),

Loading…
Cancel
Save