From 8b5debbfcc51f4db7832d3cc09a336e57f8a8476 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B3zsef=20F=C3=A9nyes?=
Date: Fri, 24 May 2024 11:13:46 +0200
Subject: [PATCH] reject paths passed in for hook names in configuration

---
 custom/conf/app.example.ini | 8 ++++----
 modules/setting/hooks.go | 26 +++++++++++++++++++++++++-
 2 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 9e67a40d95..4df63f41b3 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -419,16 +419,16 @@ USER = root
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-[GitHooks]
+[git.hooks]
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
 ;; Git prereceive hook name
-;GIT_HOOK_PRERECEIVE_NAME = prereceive
-;; Git post receive hook name
-;GIT_HOOK_POSTRECEIVE_NAME = postreceive
+;GIT_HOOK_PRERECEIVE_NAME = pre-receive
 ;; Git update hook name
 ;GIT_HOOK_UPDATE_NAME = update
+;; Git post receive hook name
+;GIT_HOOK_POSTRECEIVE_NAME = post-receive
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
diff --git a/modules/setting/hooks.go b/modules/setting/hooks.go
index dc5c821539..1cc9c54c26 100644
--- a/modules/setting/hooks.go
+++ b/modules/setting/hooks.go
@@ -3,6 +3,13 @@
 package setting
+import (
+ "fmt"
+ "strings"
+
+ "code.gitea.io/gitea/modules/log"
+)
+
 var (
 // Git hook settings
 GitHookPrereceiveName string
@@ -10,9 +17,26 @@ var (
 GitHookUpdateName string
 )
+func isValidFileName(filename string) error {
+ if strings.Contains(filename, "/") || strings.Contains(filename, "\\") {
+ return fmt.Errorf("contains path components")
+ }
+ return nil
+}
+
 func loadHooksFrom(rootCfg ConfigProvider) {
- githooks := rootCfg.Section("GitHooks")
+ githooks := rootCfg.Section("git.hooks")
 GitHookPrereceiveName = githooks.Key("GIT_HOOK_PRERECEIVE_NAME").MustString("pre-receive")
 GitHookUpdateName = githooks.Key("GIT_HOOK_UPDATE_NAME").MustString("update")
 GitHookPostreceiveName = githooks.Key("GIT_HOOK_POSTRECEIVE_NAME").MustString("post-receive")
+
+ if err := isValidFileName(GitHookPrereceiveName); err != nil {
+ log.Fatal("Invalid git pre-receive hook name (%s): %v", GitHookPrereceiveName, err)
+ }
+ if err := isValidFileName(GitHookUpdateName); err != nil {
+ log.Fatal("Invalid git update hook name (%s): %v", GitHookUpdateName, err)
+ }
+ if err := isValidFileName(GitHookPostreceiveName); err != nil {
+ log.Fatal("Invalid git post-receive hook name (%s): %v", GitHookPostreceiveName, err)
+ }
 }
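Review bot: `isValidFileName` only rejects names containing `/` or `\`, so the empty string, `.` and `..` still pass and are handed on as hook file names; extend the guard with `if filename == "" || filename == "." || filename == ".." { return errors.New("must be a plain file name") }` before the separator test. The function is named like a boolean predicate but returns an `error`; `validateHookName` would read correctly at the three call sites in `loadHooksFrom`, and the fixed-string `fmt.Errorf("contains path components")` is better written as `errors.New`, which also lets the import hunk above drop `fmt`. Changing the section lookup from `GitHooks` to `git.hooks` means an existing `[GitHooks]` block is silently ignored and the built-in defaults win, which the new `log.Fatal` checks cannot detect; if the project's `deprecatedSetting` helper covers section renames, wiring the three keys through it would at least log the migration. Where these names are joined onto the hooks directory is outside this diff, so what an empty name resolves to there cannot be confirmed here.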