On Thu, Oct 20, 2011 at 3:31 PM, Junio C Hamano <gitster@xxxxxxxxx> wrote: > Jeff King <peff@xxxxxxxx> writes: > >> And nothing shows up in the body, because git truncates at the NUL we >> added: >> >> $ git show >> commit 31337a1093af2d97eb2e6c08b261c2946395fdd3 >> Author: Jeff King <peff@xxxxxxxx> >> Date: Wed Oct 19 15:34:00 2011 -0400 >> >> 10 >> >> diff --git a/file b/file > > But you cannot hide from "cat-file commit" ;-) > > With the recent push to more (perceived) security, it may probably make > sense to teach "log" family commands to quote-show ^@ and what is behind > in their output by default, perhaps with an option to turn it off. What about NUL in file name in tree objects? Suppose the original tree has an entry named "goodthing". With luck, they might be able to create a new tree object with the entry renamed to "evil\x001234" that has the same SHA-1. Could that possibly cause any problems? -- Duy -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html