* git format-patch --in-reply-to allows header injection. Intended?
@ 2014-09-04 21:21 Niklas Hambüchen
2014-09-04 21:36 ` Junio C Hamano
0 siblings, 1 reply; 4+ messages in thread
From: Niklas Hambüchen @ 2014-09-04 21:21 UTC (permalink / raw)
To: git; +Cc: petr.mvd
Hi,
I just wanted to ask if the --in-reply-to flag of git format-patch is
supposed to write the given string unmodified into the email or whether
it ought to perform some check against header injection.
For example, if you pass "--in-reply-to=<msgid>\nTo: <other@example.com"
(notice lack of trailing `>`), then the generated email will actually
contain a
To: <other@example.com>
header.
(Depending on your shell you might also use "--in-reply-to=`cat`" to get
the above working more easily.)
Is this known and working as intended, or undesired?
Thanks!
Niklas
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: git format-patch --in-reply-to allows header injection. Intended?
2014-09-04 21:21 git format-patch --in-reply-to allows header injection. Intended? Niklas Hambüchen
@ 2014-09-04 21:36 ` Junio C Hamano
2014-09-04 21:42 ` Niklas Hambüchen
0 siblings, 1 reply; 4+ messages in thread
From: Junio C Hamano @ 2014-09-04 21:36 UTC (permalink / raw)
To: Niklas Hambüchen; +Cc: git, petr.mvd
Niklas Hambüchen <mail@nh2.me> writes:
> For example, if you pass "--in-reply-to=<msgid>\nTo: <other@example.com"
> (notice lack of trailing `>`), then the generated email will actually
> contain a
> To: <other@example.com>
> header.
While I do not think of a reason to specify such a string to the
in-reply-to option (I'd rather edit the output in the editor if I
wanted to do anything fancy [*1*]), I do not think there is a reason
why you want to add a code to forbid such use, either.
[Footnote]
*1* For that matter, --in-reply-to option itself is superfluous.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: git format-patch --in-reply-to allows header injection. Intended?
2014-09-04 21:36 ` Junio C Hamano
@ 2014-09-04 21:42 ` Niklas Hambüchen
2014-09-04 23:59 ` Junio C Hamano
0 siblings, 1 reply; 4+ messages in thread
From: Niklas Hambüchen @ 2014-09-04 21:42 UTC (permalink / raw)
To: Junio C Hamano; +Cc: git, petr.mvd
On 04/09/14 23:36, Junio C Hamano wrote:
> While I do not think of a reason to specify such a string to the
> in-reply-to option (I'd rather edit the output in the editor if I
> wanted to do anything fancy [*1*]), I do not think there is a reason
> why you want to add a code to forbid such use, either.
My question was to find out whether I can pass untrusted user input to
--in-reply-to and expect that no header beyond "In-Reply-To" and
"References" is modified, but your answer makes clear that I cannot.
A possible alternative might have been that git verifies that the input
to --in-reply-to matches the format specified RFC2822 (section 3.6.4.).
Thanks!
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: git format-patch --in-reply-to allows header injection. Intended?
2014-09-04 21:42 ` Niklas Hambüchen
@ 2014-09-04 23:59 ` Junio C Hamano
0 siblings, 0 replies; 4+ messages in thread
From: Junio C Hamano @ 2014-09-04 23:59 UTC (permalink / raw)
To: Niklas Hambüchen; +Cc: git, petr.mvd
Niklas Hambüchen <mail@nh2.me> writes:
> On 04/09/14 23:36, Junio C Hamano wrote:
>> While I do not think of a reason to specify such a string to the
>> in-reply-to option (I'd rather edit the output in the editor if I
>> wanted to do anything fancy [*1*]), I do not think there is a reason
>> why you want to add a code to forbid such use, either.
>
> My question was to find out whether I can pass untrusted user input to
> ...
Ah, in general, anybody who passes unvetted user input to any Git
Porcelain deserves what s/he gets, so perhaps you would want to at
least make sure that the input is a single line, or something.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-09-04 23:59 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-09-04 21:21 git format-patch --in-reply-to allows header injection. Intended? Niklas Hambüchen
2014-09-04 21:36 ` Junio C Hamano
2014-09-04 21:42 ` Niklas Hambüchen
2014-09-04 23:59 ` Junio C Hamano
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).