On 5/24/2019 8:03 AM, Christian Couder wrote:
If someone wants to use as a filter a sparse file that is in the repository, something like "--filter=sparse:oid=<ref>:<path>" already works. So 'sparse:path' is only interesting if the sparse file is not in the repository. In this case though the current implementation has a big security issue, as it makes it possible to ask the server to read any file, like for example /etc/password, and to explore the filesystem, as well as individual lines of files. If someone is interested in using a sparse file that is not in the repository as a filter, then at the minimum a config option, such as "uploadpack.sparsePathFilter", should be implemented first to restrict the directory from which the files specified by 'sparse:path' can be read. For now though, let's just disable 'sparse:path' filters. --- list-objects-filter-options.c | 9 ++++++--- list-objects-filter-options.h | 2 -- list-objects-filter.c | 22 ---------------------- 3 files changed, 6 insertions(+), 27 deletions(-) diff --git a/list-objects-filter-options.c b/list-objects-filter-options.c index c0036f7378..007c104b93 100644 --- a/list-objects-filter-options.c +++ b/list-objects-filter-options.c @@ -78,9 +78,12 @@ static int gently_parse_list_objects_filter( return 0;} else if (skip_prefix(arg, "sparse:path=", &v0)) {- filter_options->choice = LOFC_SPARSE_PATH; - filter_options->sparse_path_value = strdup(v0); - return 0; + if (errbuf) { + strbuf_addstr( + errbuf, + _("sparse:path filters are now disabled")); + } + return 1; } /* * Please update _git_fetch() in git-completion.bash when you
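Review bot: In the new `sparse:path=` branch, the error text "sparse:path filters are now disabled" does not tell the user what to use instead. The commit message says "--filter=sparse:oid=<ref>:<path>" already works, so consider naming that alternative in the message. The diffstat also covers only the three list-objects-filter files, so any documentation or tests that still mention 'sparse:path' are not updated by this patch and would need a follow-up.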
[...]

We should update git-completion.bash to remove this option.

Jeff
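The directory restriction that the quoted commit message proposes as a precondition for re-enabling 'sparse:path', sketched as an added example; it is not part of the patch or of Git. The function name `sparse_path_allowed`, the `demo` scratch tree under /tmp, and the use of POSIX `realpath()` are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Hypothetical helper, not Git code: return 1 only if `requested` resolves
 * to an existing file inside `allowed_dir` (standing in for the value of a
 * config option such as the proposed "uploadpack.sparsePathFilter").
 */
int sparse_path_allowed(const char *allowed_dir, const char *requested)
{
	char base[PATH_MAX], target[PATH_MAX];
	size_t n;

	/* Canonicalize both sides: resolves "..", "." and symlinks. */
	if (!realpath(allowed_dir, base) || !realpath(requested, target))
		return 0;	/* missing or unresolvable: refuse */
	n = strlen(base);
	if (n < 2)
		return 0;	/* refuse "/" as the allowed directory */
	/* The prefix must end on a path component: "ok" must not match "ok-evil". */
	return strncmp(base, target, n) == 0 && target[n] == '/';
}

/* Constructed scratch tree; returns a bitmask, bit i set if req[i] is allowed. */
int demo(void)
{
	char root[] = "/tmp/sparse-demo-XXXXXX";
	const char *req[] = { "ok/spec", "ok/../ok-evil/spec", "ok/link",
			      "ok/missing", "/etc/passwd" };
	int i, mask = 0;
	FILE *f;

	if (!mkdtemp(root) || chdir(root))
		return -1;
	mkdir("ok", 0700);
	mkdir("ok-evil", 0700);
	if ((f = fopen("ok/spec", "w"))) fclose(f);
	if ((f = fopen("ok-evil/spec", "w"))) fclose(f);
	if (symlink("../ok-evil/spec", "ok/link")) return -1;
	for (i = 0; i < 5; i++)
		mask |= sparse_path_allowed("ok", req[i]) << i;
	return mask;
}

int main(void) { printf("allowed mask: %d\n", demo()); return 0; }
```

Only the first request is accepted: the `..` traversal, the symlink leaving the directory, the nonexistent file and the absolute path outside it are all refused. A real server would also have to open the canonicalized path it checked, not the original string, to avoid a check-then-use race.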

