Re: [PATCH 0/2] Revert defense-in-depth patches breaking Git LFS

Hi Jeff,

On Wed, 29 May 2024, Jeff King wrote:

> [...] But of course most sites just use the defaults, so all warnings
> are effectively errors.

I wish that had been pointed out on the git-security mailing list when I
offered this patch up for review.

> In the meantime, we also have an "INFO" severity which gets reported but
> not upgraded via strict. It sounds like that's what was intended here.

Precisely.

So this is what the fix-up patch would look like to make the code match my
intention:

-- snipsnap --
Subject: [PATCH] fsck: demote the newly-introduced symlink issues from WARN -> IGNORE

The idea of the symlink check to prevent overly-long symlink targets and
targets inside the `.git/` directory was to _warn_, but not to prevent
any operation.

However, that's not how Git works; I was confused by the label `WARN`.
What we need instead is the `IGNORE` label, which still warns
(confusingly so ;-)), but does not prevent any operations from
continuing.

Adjust t1450 accordingly, documenting that `git fsck` unfortunately no
longer warns about these issues by default.

Signed-off-by: Johannes Schindelin <johannes.schindelin@xxxxxx>
---
 Documentation/fsck-msgids.txt |  4 ++--
 fsck.h                        |  4 ++--
 t/t1450-fsck.sh               | 13 ++++++++++++-
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/Documentation/fsck-msgids.txt b/Documentation/fsck-msgids.txt
index b06ec385aff..f5016ecda6a 100644
--- a/Documentation/fsck-msgids.txt
+++ b/Documentation/fsck-msgids.txt
@@ -158,13 +158,13 @@
 	(WARN) Tree contains entries pointing to a null sha1.

 `symlinkPointsToGitDir`::
-	(WARN) Symbolic link points inside a gitdir.
+	(INFO) Symbolic link points inside a gitdir.

 `symlinkTargetBlob`::
 	(ERROR) A non-blob found instead of a symbolic link's target.

 `symlinkTargetLength`::
-	(WARN) Symbolic link target longer than maximum path length.
+	(INFO) Symbolic link target longer than maximum path length.

 `symlinkTargetMissing`::
 	(ERROR) Unable to read symbolic link target's blob.
diff --git a/fsck.h b/fsck.h
index 130fa8d8f91..d41ec98064b 100644
--- a/fsck.h
+++ b/fsck.h
@@ -74,8 +74,6 @@ enum fsck_msg_type {
 	FUNC(NULL_SHA1, WARN) \
 	FUNC(ZERO_PADDED_FILEMODE, WARN) \
 	FUNC(NUL_IN_COMMIT, WARN) \
-	FUNC(SYMLINK_TARGET_LENGTH, WARN) \
-	FUNC(SYMLINK_POINTS_TO_GIT_DIR, WARN) \
 	/* infos (reported as warnings, but ignored by default) */ \
 	FUNC(BAD_FILEMODE, INFO) \
 	FUNC(GITMODULES_PARSE, INFO) \
@@ -84,6 +82,8 @@ enum fsck_msg_type {
 	FUNC(MAILMAP_SYMLINK, INFO) \
 	FUNC(BAD_TAG_NAME, INFO) \
 	FUNC(MISSING_TAGGER_ENTRY, INFO) \
+	FUNC(SYMLINK_TARGET_LENGTH, INFO) \
+	FUNC(SYMLINK_POINTS_TO_GIT_DIR, INFO) \
 	/* ignored (elevated when requested) */ \
 	FUNC(EXTRA_HEADER_ENTRY, IGNORE)
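
Review bot: The two added lines, `FUNC(SYMLINK_TARGET_LENGTH, INFO)` and `FUNC(SYMLINK_POINTS_TO_GIT_DIR, INFO)`, use INFO, but the subject line and the message body both name IGNORE as the new label. The comments in this enum keep the two apart ("reported as warnings, but ignored by default" for INFO, "ignored (elevated when requested)" for IGNORE), and the documentation hunk also says (INFO), so the commit message should read WARN -> INFO to match what the code does.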

diff --git a/t/t1450-fsck.sh b/t/t1450-fsck.sh
index 5669872bc80..8339e60efb2 100755
--- a/t/t1450-fsck.sh
+++ b/t/t1450-fsck.sh
@@ -1032,7 +1032,18 @@ test_expect_success 'fsck warning on symlink target with excessive length' '
 	warning in blob $symlink_target: symlinkTargetLength: symlink target too long
 	EOF
 	git fsck --no-dangling >actual 2>&1 &&
-	test_cmp expected actual
+	test_cmp expected actual &&
+
+	test_when_finished "git tag -d symlink-target-length" &&
+	git tag symlink-target-length $tree &&
+	test_when_finished "rm -rf throwaway.git" &&
+	git init --bare throwaway.git &&
+	git --git-dir=throwaway.git config receive.fsckObjects true &&
+	git --git-dir=throwaway.git config receive.fsck.symlinkTargetLength error &&
+	test_must_fail git push throwaway.git symlink-target-length &&
+	git --git-dir=throwaway.git config --unset receive.fsck.symlinkTargetLength &&
+	git push throwaway.git symlink-target-length 2>err &&
+	grep "warning.*symlinkTargetLength" err
 '

 test_expect_success 'fsck warning on symlink target pointing inside git dir' '
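
Review bot: The push coverage added to 'fsck warning on symlink target with excessive length' has no counterpart in the test that follows, 'fsck warning on symlink target pointing inside git dir', although symlinkPointsToGitDir is demoted by the same patch and the diffstat shows this hunk is the only change to t1450. Suggest repeating the `receive.fsckObjects true` sequence there with `receive.fsck.symlinkPointsToGitDir error`, so both demoted IDs are checked for "rejected when elevated, accepted with a warning by default". Separately, the commit message says `git fsck` no longer warns about these issues by default, yet the retained `git fsck --no-dangling >actual 2>&1` and `test_cmp expected actual` still expect the "warning in blob ... symlinkTargetLength" line, so the message and the test disagree and one of them needs adjusting.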




