Patrick Steinhardt <ps@xxxxxx> writes:

> I have to wonder whether we should tighten restrictions even further:
> instead of manually keeping track of how deep in the stack we are, we
> limit the length of revisions to at most 1MB. I would claim that this
> limit is sufficiently large to never be a problem in practice.

Tempting.

> Revisions
> are limited to 4kB on most platforms anyway due to the maximum path
> length.

I do not quite get this part, though. When we get "HEAD~~~~~~~~~^2~~~~~~" from the user, do we somehow try to create a file or a directory with that name and fail due to ENAMETOOLONG?

There are ways like "git rev-list --stdin" to cause Git to read input lines of arbitrary length, so I do not think the command line length limit comes into the picture, either.

But I do agree that the only useful use of such a revision string that is longer than 1MB would be to attack.
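An added example, not code from this thread or from Git itself: an iterative parser for a revision's `~`/`^` suffix chain that enforces a 1MB cap on the whole string (the limit proposed above) before doing any work, so the amount of stack used never depends on how many suffixes the input carries. The constant name, the function name and the exception type are assumptions made for the example.

```python
MAX_REV_LEN = 1 << 20  # 1MB cap on the whole revision string (assumed name)


class RevisionTooLong(ValueError):
    """Raised when the revision string exceeds MAX_REV_LEN."""


def parse_rev_suffixes(rev, max_len=MAX_REV_LEN):
    """Split a revision such as 'HEAD~~~^2~~' into its base name and a
    list of (op, n) steps, e.g. ('HEAD', [('~', 3), ('^', 2), ('~', 2)]).

    The suffix chain is walked with a plain loop, so a chain of a hundred
    thousand '~' characters costs memory proportional to the input but no
    recursion at all; bounding the input length is then the only check
    needed.  Constructed for illustration, not Git's own parser.
    """
    if len(rev) > max_len:
        raise RevisionTooLong(
            f"revision string is {len(rev)} bytes, limit is {max_len}")

    # The base name is everything before the first '~' or '^'.
    i = 0
    while i < len(rev) and rev[i] not in "~^":
        i += 1
    base = rev[:i]
    if not base:
        raise ValueError("revision has no base name")

    steps = []
    while i < len(rev):
        op = rev[i]
        i += 1
        # Optional decimal count after the operator; absent means 1.
        j = i
        while j < len(rev) and rev[j].isdigit():
            j += 1
        n = int(rev[i:j]) if j > i else 1
        i = j
        # '~' steps compose: '~~3' is the same as '~4'.  '^' steps do not
        # ('^^' is first parent twice, '^2' is the second parent), so they
        # are kept separate.
        if op == "~" and steps and steps[-1][0] == "~":
            steps[-1] = ("~", steps[-1][1] + n)
        else:
            steps.append((op, n))
    return base, steps
```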