Author: Jason A. Donenfeld <Jason@zx2c4.com>
Do not load user or system gitconfig and gitattributes
While doing any kind of git loading, unset HOME variables and set
NOSYSTEM variables so that cgit does not load any settings that a user
may have set for his own /usr/bin/git usage.
This fixes a fatal error introduced with git 1.8, whereupon git would
fatally exit when failing to access particular files.
The result of this is that only repo-local configuration files are
accessed:
zx2c4@thinkpad ~/Projects/cgit $ HOME=/root QUERY_STRING="url=foo/log"
CGIT_CONFIG=tests/trash/cgitrc strace -e access ./cgit >/dev/null
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
access("repos/foo/.git/objects", X_OK) = 0
access("repos/foo/.git/refs", X_OK) = 0
access("repos/foo/.git/config", R_OK) = 0
access("repos/foo/.git/config", R_OK) = 0
access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0
access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0
access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0
access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0
+++ exited with 0 +++
Reported-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Tested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Tested-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
cgit.c | 24 ++++++++++++++++++++++++ ui-commit.c | 1 - ui-log.c | 1 -
diff --git a/cgit.c b/cgit.c index f73c7b0b6c7b76d3aa231fe75edfc2ac6acd4745..0bf8972397608506b978d0c2dc275185a66c88b4 100644 --- a/cgit.c +++ b/cgit.c @@ -459,12 +459,36 @@ } static int prepare_repo_cmd(struct cgit_context *ctx) { + char *user_home; + char *xdg_home; unsigned char sha1[20]; int nongit = 0; int rc; + /* The path to the git repository. */ setenv("GIT_DIR", ctx->repo->path, 1); + + /* Do not look in /etc/ for gitconfig and gitattributes. */ + setenv("GIT_CONFIG_NOSYSTEM", "1", 1); + setenv("GIT_ATTR_NOSYSTEM", "1", 1); + + /* We unset HOME and XDG_CONFIG_HOME before calling the git setup function + * so that we don't make unneccessary filesystem accesses. */ + user_home = getenv("HOME"); + xdg_home = getenv("XDG_CONFIG_HOME"); + unsetenv("HOME"); + unsetenv("XDG_CONFIG_HOME"); + + /* Setup the git directory and initialize the notes system. Both of these + * load local configuration from the git repository, so we do them both while + * the HOME variables are unset. */ setup_git_directory_gently(&nongit); + init_display_notes(NULL); + + /* We restore the unset variables afterward. */ + setenv("HOME", user_home, 1); + setenv("XDG_CONFIG_HOME", xdg_home, 1); + if (nongit) { const char *name = ctx->repo->name; rc = errno; diff --git a/ui-commit.c b/ui-commit.c index 6b41017a1cfc4d22b916abea56fbc37376e3e553..a5a6ea83c8e1049ccd3d4bca5649467fe2c7e916 100644 --- a/ui-commit.c +++ b/ui-commit.c @@ -37,7 +37,6 @@ return; } info = cgit_parse_commit(commit); - init_display_notes(NULL); format_display_notes(sha1, ¬es, PAGE_ENCODING, 0); load_ref_decorations(DECORATE_FULL_REFS); diff --git a/ui-log.c b/ui-log.c index 93af0cee4d5f39c18e3e4727b8662b9f197f8391..2aa12c34e967df47a07e9c609b04057ef4829bdb 100644 --- a/ui-log.c +++ b/ui-log.c @@ -403,7 +403,6 @@ free_commit_list(commit->parents); commit->parents = NULL; } - init_display_notes(NULL); for (i = 0; i < cnt && (commit = get_revision(&rev)) != NULL; i++) { print_commit(commit, &rev); free(commit->buffer);