GNU bug report logs -
#53608
[PATCH 0/2] Rejecting commits unrelated to the introductory commit
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Fri, 28 Jan 2022 17:33:01 UTC
Severity: normal
Tags: patch, security
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Message #22 received at 53608 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi,
Maxime Devos <maximedevos <at> telenet.be> wrote:
> Ludovic Courtès wrote on Wed 09-02-2022 at 00:02 [+0100]:
>> Howdy Maxime & Attila,
>>
>> Did you have a chance to look into this series?
>>
>> https://issues.guix.gnu.org/53608
>>
>> It’s relatively simple but I’d rather have other eyeballs looking at it.
>>
>> TIA. :-)
>
> The concept seems reasonable to me but I cannot tell if the
> implementation is good or bad.
OK.
I went ahead and pushed these two commits:
ca87601dd9 git-authenticate: Ensure the target is a descendant of the introductory commit.
87d49346f3 git: Add 'commit-descendant?'.
The actual change is this extra condition:
[Message part 2 (text/x-patch, inline)]
@@ -426,6 +428,17 @@ (define commits
(verify-introductory-commit repository keyring
start-commit signer))
+ ;; Make sure END-COMMIT is a descendant of START-COMMIT or of one of
+ ;; AUTHENTICATED-COMMITS, which are known to be descendants of
+ ;; START-COMMIT.
+ (unless (commit-descendant? end-commit
+ (cons start-commit
+ authenticated-commits))
+ (raise (formatted-message
+ (G_ "commit ~a is not a descendant of introductory commit ~a")
+ (oid->string (commit-id end-commit))
+ (oid->string (commit-id start-commit)))))
+
(let ((stats (call-with-progress-reporter reporter
(lambda (report)
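Review bot: the new `unless` check trusts AUTHENTICATED-COMMITS as much as START-COMMIT, but the comment's claim that they "are known to be descendants of START-COMMIT" is not enforced anywhere in the visible lines. If that list can ever hold commits recorded under a different introductory commit, `commit-descendant?` would accept an END-COMMIT that is unrelated to this START-COMMIT and the error would never be raised. Consider saying in the comment where that invariant is established (or checking it here), and adding a test that authenticates an unrelated history while the list of authenticated commits is non-empty.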
[Message part 3 (text/plain, inline)]
I encourage everyone to take a look.
Thanks,
Ludo’.
This bug report was last modified 3 years and 193 days ago.