reject paths passed in for hook names in configuration

2024-06-29 01:45:30 +00:00 · 2024-05-24 11:13:46 +02:00 · 2024-05-24 11:13:46 +02:00 · 8b5debbfcc
commit 8b5debbfcc
parent 9acbb58769
2 changed files with 29 additions and 5 deletions
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@ -419,16 +419,16 @@ USER = root

 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-[GitHooks]
+[git.hooks]
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
 ;; Git prereceive hook name
-;GIT_HOOK_PRERECEIVE_NAME = prereceive
-;; Git post receive hook name
-;GIT_HOOK_POSTRECEIVE_NAME = postreceive
+;GIT_HOOK_PRERECEIVE_NAME = pre-receive
 ;; Git update hook name
 ;GIT_HOOK_UPDATE_NAME = update
+;; Git post receive hook name
+;GIT_HOOK_POSTRECEIVE_NAME = post-receive

 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
--- a/modules/setting/hooks.go
+++ b/modules/setting/hooks.go
@ -3,6 +3,13 @@

 package setting

+import (
+	"fmt"
+	"strings"
+
+	"code.gitea.io/gitea/modules/log"
+)
+
 var (
 	// Git hook settings
 	GitHookPrereceiveName  string
@ -10,9 +17,26 @@ var (
 	GitHookUpdateName      string
 )

+func isValidFileName(filename string) error {
+	if strings.Contains(filename, "/") || strings.Contains(filename, "\\") {
+		return fmt.Errorf("contains path components")
+	}
+	return nil
+}
+
 func loadHooksFrom(rootCfg ConfigProvider) {
-	githooks := rootCfg.Section("GitHooks")
+	githooks := rootCfg.Section("git.hooks")
 	GitHookPrereceiveName = githooks.Key("GIT_HOOK_PRERECEIVE_NAME").MustString("pre-receive")
 	GitHookUpdateName = githooks.Key("GIT_HOOK_UPDATE_NAME").MustString("update")
 	GitHookPostreceiveName = githooks.Key("GIT_HOOK_POSTRECEIVE_NAME").MustString("post-receive")
+
+	if err := isValidFileName(GitHookPrereceiveName); err != nil {
+		log.Fatal("Invalid git pre-receive hook name (%s): %v", GitHookPrereceiveName, err)
+	}
+	if err := isValidFileName(GitHookUpdateName); err != nil {
+		log.Fatal("Invalid git update hook name (%s): %v", GitHookUpdateName, err)
+	}
+	if err := isValidFileName(GitHookPostreceiveName); err != nil {
+		log.Fatal("Invalid git post-receive hook name (%s): %v", GitHookPostreceiveName, err)
+	}
 }