commit 4d19863b062ac469fe09dec014976ba3b8677fb0
parent df2a31c67a7b6ca782121248f650526a4fbe08d2
Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Mon, 3 Jan 2022 12:21:12 +0100
libgit2 config opts: set the search to an empty path
Otherwise this would search outside the unveiled paths and cause an unveil
violation.
Reported by Anton Lindqvist, thanks!
Diffstat:
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/stagit-index.c b/stagit-index.c
@@ -173,7 +173,11 @@ main(int argc, char *argv[])
return 1;
}
+ /* do not search outside the git repository:
+ GIT_CONFIG_LEVEL_APP is the highest level currently */
git_libgit2_init();
+ for (i = 1; i <= GIT_CONFIG_LEVEL_APP; i++)
+ git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, i, "");
#ifdef __OpenBSD__
if (pledge("stdio rpath", NULL) == -1)
diff --git a/stagit.c b/stagit.c
@@ -1220,7 +1220,11 @@ main(int argc, char *argv[])
if (!realpath(repodir, repodirabs))
err(1, "realpath");
+ /* do not search outside the git repository:
+ GIT_CONFIG_LEVEL_APP is the highest level currently */
git_libgit2_init();
+ for (i = 1; i <= GIT_CONFIG_LEVEL_APP; i++)
+ git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, i, "");
#ifdef __OpenBSD__
if (unveil(repodir, "r") == -1)
