On Sat, Aug 06, 2022 at 03:43:56PM +0200, Xavier Morel wrote: > However looking at fsck_tree, it does have a fair amount of code to > validate entry modes and a dedicated message id for this (BAD_FILEMODE > / badFilemode), it even has a code path for legacy entries with > S_IWGRP set (extensively documented under `git fsck --strict`). > > I guess, over time mode canonicalisation has slowly creeped earlier > the tree-parsing code, and (seemingly for several years) it has been > occurring before "git fsck" gets tree entry information, so git fsck > simply can not see invalid entry modes? Yes, I think you're right. I didn't bisect, but I suspect this goes back to 7146e66f08 (tree-walk: finally switch over tree descriptors to contain a pre-parsed entry, 2014-02-06). We probably need to provide version of decode_tree_entry() which gives the non-canonical mode, and to call it from fsck. -Peff
