Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Internal Server Error when creating a repository in edge case #5772

Closed
Larivact opened this issue Jan 19, 2019 · 10 comments · Fixed by #5774
Closed

Internal Server Error when creating a repository in edge case #5772

Larivact opened this issue Jan 19, 2019 · 10 comments · Fixed by #5774
Labels
type/bug

Comments

@Larivact
Copy link

I do not have Gitea installed and discovered this very weird bug at https://try.gitea.io, which currently uses af45648.

Description

  1. Create an account
  2. Go to your account settings and set your Full Name to <Test (it needs to start with a less-than sign)
  3. Attempt to create a repository: enter a name and check Initialize Repository (Adds .gitignore, License and README) (this is important it will not fail if you do not check it). Click Create Repository.
  4. Internal Server Error 500
@Larivact Larivact mentioned this issue Jan 19, 2019
Closed
@zeripath
Copy link
Contributor

Thanks @Larivact I can confirm this bug.

@zeripath
Copy link
Contributor

The issue is this line:

https://github.com/go-gitea/gitea/blob/master/models/repo.go#L1097

		"git", "commit", fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email),

The author's name isn't being escaped - this appears to be safe despite the potential security problems due to the way the whole thing is passed as a single argument direct to the git binary rather than going through an interpreter - git just then interprets the mess after the = as being the author no matter what is in there. It is quite liberal with what it expects to be a name, the only issues seem to be that there can only be one segment enclosed by <> and that segment had better be an email address.

@zeripath
Copy link
Contributor

There are 4 other places that do the same thing in the code base.

@Larivact
Copy link
Author

Thanks for tracking this down. Git does not validate email addresses but expects a name:

$ git commit --author='<a>'
fatal: empty ident name (for <a>) not allowed

So the issue can also be reproduced with a Full Name that's just a space.

@zeripath
Copy link
Contributor

zeripath commented Jan 19, 2019
edited
Loading

Looking at what git does internally, if you set GIT_AUTHOR_NAME and GIT_AUTHOR_EMAIL it will pass them through this function https://github.com/git/git/blob/master/ident.c#L221 which will remove \n<> and Trim preceding and following whitespace.

@zeripath
Copy link
Contributor

I guess we should do this too. If the name is effectively empty we should use the username.

@zeripath
Copy link
Contributor

I'll have a PR up if this passes the integration tests in a few mins

@Larivact
Copy link
Author

Just doing strip and trim would still let <Test slide because of the argument parsing. So we should probably pass name & email via environment variables with ExecDirEnv.

@zeripath zeripath mentioned this issue Jan 19, 2019
Merged
@zeripath
Copy link
Contributor

Take a look at my fix, it's cleverer than that.

@Larivact
Copy link
Author

I see. Thanks for the quick and elegant solution.

zeripath added a commit to zeripath/gitea that referenced this issue Jan 20, 2019
@zeripath
Ensure valid git author names passed in signatures
8f0a35f 
Fix go-gitea#5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

Signed-off-by: Andrew Thornton <art27@cantab.net>
lafriks pushed a commit that referenced this issue Jan 24, 2019
@zeripath @lafriks
Ensure valid git author names passed in signatures (#5774)
44371b9 
* Ensure valid git author names passed in signatures

Fix #5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

* Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"

* Add Tests and adjust test users

Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
@lunny lunny removed the in progress label Jan 24, 2019
bmackinney pushed a commit to bmackinney/gitea that referenced this issue Jan 27, 2019
@zeripath @bmackinney
Ensure valid git author names passed in signatures (go-gitea#5774)
dc2b20d 
* Ensure valid git author names passed in signatures

Fix go-gitea#5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

* Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"

* Add Tests and adjust test users

Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type/bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Ensure valid git author names passed in signatures zeripath/gitea
3 participants
@lunny @zeripath @Larivact