From e86aaf5af78ace4b36bc6ff17bb2316762e67069 Mon Sep 17 00:00:00 2001 From: David Knaack Date: Mon, 9 May 2022 09:32:15 +0200 Subject: [PATCH] update libgit2 to newer snapshot CVE 2022-24765 Co-Authored-By: Eric Huss <43198+ehuss@users.noreply.github.com> --- Cargo.toml | 4 ++-- git2-curl/Cargo.toml | 2 +- libgit2-sys/Cargo.toml | 2 +- libgit2-sys/build.rs | 29 +++++++++++++++++++++-------- libgit2-sys/lib.rs | 5 ++++- libgit2-sys/libgit2 | 2 +- src/error.rs | 3 +++ src/lib.rs | 4 +++- src/opts.rs | 13 +++++++++++++ 9 files changed, 49 insertions(+), 15 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 92db148433..27d9a92638 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "git2" -version = "0.14.4" +version = "0.15.0" authors = ["Josh Triplett ", "Alex Crichton "] license = "MIT OR Apache-2.0" readme = "README.md" @@ -20,7 +20,7 @@ url = "2.0" bitflags = "1.1.0" libc = "0.2" log = "0.4.8" -libgit2-sys = { path = "libgit2-sys", version = "0.13.4" } +libgit2-sys = { path = "libgit2-sys", version = "0.14.0" } [target."cfg(all(unix, not(target_os = \"macos\")))".dependencies] openssl-sys = { version = "0.9.0", optional = true } diff --git a/git2-curl/Cargo.toml b/git2-curl/Cargo.toml index a52bc21cfe..e249c7bca9 100644 --- a/git2-curl/Cargo.toml +++ b/git2-curl/Cargo.toml @@ -16,7 +16,7 @@ edition = "2018" curl = "0.4.33" url = "2.0" log = "0.4" -git2 = { path = "..", version = "0.14", default-features = false } +git2 = { path = "..", version = "0.15", default-features = false } [dev-dependencies] civet = "0.11" diff --git a/libgit2-sys/Cargo.toml b/libgit2-sys/Cargo.toml index 7edd14f199..77112d409c 100644 --- a/libgit2-sys/Cargo.toml +++ b/libgit2-sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "libgit2-sys" -version = "0.13.4+1.4.2" +version = "0.14.0+1.4.4" authors = ["Josh Triplett ", "Alex Crichton "] links = "git2" build = "build.rs" diff --git a/libgit2-sys/build.rs b/libgit2-sys/build.rs index ef0468b40e..28207a9ba7 100644 --- a/libgit2-sys/build.rs +++ b/libgit2-sys/build.rs @@ -14,11 +14,7 @@ fn main() { let try_to_use_system_libgit2 = !vendored && !zlib_ng_compat; if try_to_use_system_libgit2 { let mut cfg = pkg_config::Config::new(); - if let Ok(lib) = cfg - .range_version("1.4.0".."1.5.0") - .print_system_libs(false) - .probe("libgit2") - { + if let Ok(lib) = cfg.range_version("1.4.4".."1.5.0").probe("libgit2") { for include in &lib.include_paths { println!("cargo:root={}", include.display()); } @@ -162,9 +158,26 @@ fn main() { cfg.define("SHA1DC_NO_STANDARD_INCLUDES", "1"); cfg.define("SHA1DC_CUSTOM_INCLUDE_SHA1_C", "\"common.h\""); cfg.define("SHA1DC_CUSTOM_INCLUDE_UBC_CHECK_C", "\"common.h\""); - cfg.file("libgit2/src/util/hash/sha1/collisiondetect.c"); - cfg.file("libgit2/src/util/hash/sha1/sha1dc/sha1.c"); - cfg.file("libgit2/src/util/hash/sha1/sha1dc/ubc_check.c"); + cfg.file("libgit2/src/util/hash/collisiondetect.c"); + cfg.file("libgit2/src/util/hash/sha1dc/sha1.c"); + cfg.file("libgit2/src/util/hash/sha1dc/ubc_check.c"); + + if https { + if windows { + features.push_str("#define GIT_SHA256_WIN32 1\n"); + cfg.file("libgit2/src/util/hash/win32.c"); + } else if target.contains("apple") { + features.push_str("#define GIT_SHA256_COMMON_CRYPTO 1\n"); + cfg.file("libgit2/src/util/hash/common_crypto.c"); + } else { + features.push_str("#define GIT_SHA256_OPENSSL 1\n"); + cfg.file("libgit2/src/util/hash/openssl.c"); + } + } else { + features.push_str("#define GIT_SHA256_BUILTIN 1\n"); + cfg.file("libgit2/src/util/hash/builtin.c"); + cfg.file("libgit2/src/util/hash/rfc6234/sha224-256.c"); + } if let Some(path) = env::var_os("DEP_Z_INCLUDE") { cfg.include(path); diff --git a/libgit2-sys/lib.rs b/libgit2-sys/lib.rs index d5150ffa45..a113a29526 100644 --- a/libgit2-sys/lib.rs +++ b/libgit2-sys/lib.rs @@ -1,4 +1,4 @@ -#![doc(html_root_url = "https://docs.rs/libgit2-sys/0.13")] +#![doc(html_root_url = "https://docs.rs/libgit2-sys/0.14")] #![allow(non_camel_case_types, unused_extern_crates)] // This is required to link libz when libssh2-sys is not included. @@ -195,6 +195,7 @@ git_enum! { GIT_EMISMATCH = -33, GIT_EINDEXDIRTY = -34, GIT_EAPPLYFAIL = -35, + GIT_EOWNER = -36, } } @@ -1894,6 +1895,8 @@ git_enum! { GIT_OPT_SET_ODB_LOOSE_PRIORITY, GIT_OPT_GET_EXTENSIONS, GIT_OPT_SET_EXTENSIONS, + GIT_OPT_GET_OWNER_VALIDATION, + GIT_OPT_SET_OWNER_VALIDATION, } } diff --git a/libgit2-sys/libgit2 b/libgit2-sys/libgit2 index 2a0d0bd19b..53cfad9e4b 160000 --- a/libgit2-sys/libgit2 +++ b/libgit2-sys/libgit2 @@ -1 +1 @@ -Subproject commit 2a0d0bd19b5d13e2ab7f3780e094404828cbb9a7 +Subproject commit 53cfad9e4b0faeb4e2f6385cafd5298cbb81b82b diff --git a/src/error.rs b/src/error.rs index f3ad9ad0e9..779d785adf 100644 --- a/src/error.rs +++ b/src/error.rs @@ -127,6 +127,7 @@ impl Error { raw::GIT_EMISMATCH => super::ErrorCode::HashsumMismatch, raw::GIT_EINDEXDIRTY => super::ErrorCode::IndexDirty, raw::GIT_EAPPLYFAIL => super::ErrorCode::ApplyFail, + raw::GIT_EOWNER => super::ErrorCode::Owner, _ => super::ErrorCode::GenericError, } } @@ -163,6 +164,7 @@ impl Error { ErrorCode::HashsumMismatch => raw::GIT_EMISMATCH, ErrorCode::IndexDirty => raw::GIT_EINDEXDIRTY, ErrorCode::ApplyFail => raw::GIT_EAPPLYFAIL, + ErrorCode::Owner => raw::GIT_EOWNER, }; } @@ -293,6 +295,7 @@ impl Error { GIT_EMISMATCH, GIT_EINDEXDIRTY, GIT_EAPPLYFAIL, + GIT_EOWNER, ) } diff --git a/src/lib.rs b/src/lib.rs index a9ec38d20d..c297ffe444 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -65,7 +65,7 @@ //! source `Repository`, to ensure that they do not outlive the repository //! itself. -#![doc(html_root_url = "https://docs.rs/git2/0.14")] +#![doc(html_root_url = "https://docs.rs/git2/0.15")] #![allow(trivial_numeric_casts, trivial_casts)] #![deny(missing_docs)] #![warn(rust_2018_idioms)] @@ -215,6 +215,8 @@ pub enum ErrorCode { IndexDirty, /// Patch application failed ApplyFail, + /// The object is not owned by the current user + Owner, } /// An enumeration of possible categories of things that can have diff --git a/src/opts.rs b/src/opts.rs index a89df4e1c9..dc902aee63 100644 --- a/src/opts.rs +++ b/src/opts.rs @@ -178,6 +178,19 @@ where Ok(()) } +/// Set wheter or not to verify ownership before performing a repository. +/// Enabled by default, but disabling this can lead to code execution vulnerabilities. +pub unsafe fn set_verify_owner_validation(enabled: bool) -> Result<(), Error> { + let error = raw::git_libgit2_opts( + raw::GIT_OPT_SET_OWNER_VALIDATION as libc::c_int, + enabled as libc::c_int, + ); + // This function cannot actually fail, but the function has an error return + // for other options that can. + debug_assert!(error >= 0); + Ok(()) +} + #[cfg(test)] mod test { use super::*;