From 05e9cd64ee23bbadcea6bcffd6660ed02b8eab89 Mon Sep 17 00:00:00 2001 From: Justin Tobler Date: Mon, 19 May 2025 21:26:04 -0500 Subject: config: quote values containing CR character When reading the config, values that contain a trailing CRLF are stripped. If the value itself has a trailing CR, the normal LF that follows results in the CR being unintentionally stripped. This may lead to unintended behavior due to the config value written being different when it gets read. One such issue involves a repository with a submodule path containing a trailing CR. When the submodule gets initialized, the submodule is cloned without being checked out and has "core.worktree" set to the submodule path. The git-checkout(1) that gets spawned later reads the "core.worktree" config value, but without the trailing CR, and consequently attempts to checkout to a different path than intended. If the repository contains a matching path that is a symlink, it is possible for the submodule repository to be checked out in arbitrary locations. This is extra bad when the symlink points to the submodule hooks directory and the submodule repository contains an executable "post-checkout" hook. Once the submodule repository checkout completes, the "post-checkout" hook immediately executes. To prevent mismatched config state due to misinterpreting a trailing CR, wrap config values containing CR in double quotes when writing the entry. This ensures a trailing CR is always separated for an LF and thus prevented from getting stripped. Note that this problem cannot be addressed by just quoting each CR with "\r". The reading side of the config interprets only a few backslash escapes, and "\r" is not among them. This fix is sufficient though because it only affects the CR at the end of a line and any literal CR in the interior is already preserved. Co-authored-by: David Leadbeater Signed-off-by: Justin Tobler Signed-off-by: Taylor Blau --- config.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config.c') diff --git a/config.c b/config.c index 9ff6ae1cb9..629981451d 100644 --- a/config.c +++ b/config.c @@ -2999,7 +2999,7 @@ static ssize_t write_pair(int fd, const char *key, const char *value, if (value[0] == ' ') quote = "\""; for (i = 0; value[i]; i++) - if (value[i] == ';' || value[i] == '#') + if (value[i] == ';' || value[i] == '#' || value[i] == '\r') quote = "\""; if (i && value[i - 1] == ' ') quote = "\""; -- cgit v1.3