Control: retitle -1 "git status" becomes fork-bomb if a submodule's .git directory is not accessible
Control: severity -1 grave
Control: found -1 1:1.9.1-1~bpo70+2
Control: found -1 1:1.7.10.4-1+wheezy1

Hi,

Axel Beckert wrote:
> I couldn't willingly reproduce it yet outside the setup where I ran
> into that issue, 

Here's how to reproduce:

root@kiva6 [~] # mkdir -pv /tmp/bar/foo
mkdir: created directory ‘/tmp/bar’
mkdir: created directory ‘/tmp/bar/foo’
root@kiva6 [~] # cd /tmp/bar/
root@kiva6 [/tmp/bar] # git init
Initialized empty Git repository in /tmp/bar/.git/
root@kiva6 [/tmp/bar] # cd foo/
root@kiva6 [/tmp/bar/foo] # git init
Initialized empty Git repository in /tmp/bar/foo/.git/
root@kiva6 [/tmp/bar/foo] # echo foo > foo
root@kiva6 [/tmp/bar/foo] # git add foo
root@kiva6 [/tmp/bar/foo] # git commit -m foo
[master (root-commit) 41cb8de] foo
 1 file changed, 1 insertion(+)
 create mode 100644 foo
root@kiva6 [/tmp/bar/foo] # cd ..
root@kiva6 [/tmp/bar] # git submodule add ./foo
Adding existing repo at 'foo' to the index
root@kiva6 [/tmp/bar] # git commit -m foo
[master (root-commit) f86b7be] foo
 2 files changed, 4 insertions(+)
 create mode 100644 .gitmodules
 create mode 160000 foo
root@kiva6 [/tmp/bar] # chmod 700 -c foo/.git
mode of ‘foo/.git’ changed from 0755 (rwxr-xr-x) to 0700 (rwx------)
root@kiva6 [/tmp/bar] # su - abe -s /bin/bash
abe@kiva6 [~] $ cd /tmp/bar/foo
abe@kiva6  [/tmp/bar/foo] $ git status
[Fork bomb starts]

Since I consider such a setup not too seldom (especially with
etckeeper and some shell prompt using "git status" to show some
information), I'm raising the severity to grave.

I could reproduce this issue also with the versions of the git package
currently in wheezy and wheezy-backports.

For convenience, here's a shell script setting up a minimal scenario.
It needs to be run as user "root" to make the "su" command at the end
work. The remainder may also work as a normal user.

---8<---
#!/bin/sh

rm -rv /tmp/bar
mkdir -pv /tmp/bar/foo
cd /tmp/bar/
git init
cd foo/
git init
echo foo > foo
git add foo
git commit -m foo
cd ..
git submodule add ./foo
git commit -m foo
chmod 700 -c foo/.git

echo ''
echo 'Now type "git status" or e.g. "strace -f -e open git status". Press Ctrl-C to abort the fork-bomb.'
su nobody -s /bin/bash
--->8---

                Regards, Axel
-- 
 ,''`.  |  Axel Beckert <[email protected]>, http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-    |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
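
A guard for the shell-prompt case mentioned in the report, as an added example that is not part of the original message: it skips "git status" when the .git entry of the current work tree, or of a submodule listed in .gitmodules, is not accessible to the calling user. The function names are hypothetical, and the parser assumes plain "path = ..." lines in .gitmodules.

```shell
#!/bin/sh
# Added example, not from the original report. The names git_entry_ok,
# git_status_safe and prompt_git_info are hypothetical.

# Return 0 if the .git entry "$1" is usable by the current user.
# A directory needs read and search permission; a gitdir file needs read.
# Root bypasses permission checks, so this matters for unprivileged users.
git_entry_ok() {
    if [ -d "$1" ]; then
        [ -r "$1" ] && [ -x "$1" ]
    else
        [ -r "$1" ]
    fi
}

# Decide whether "git status" should be run from directory "$1".
#   0: the work tree's .git and all submodule .git entries are accessible
#   1: an inaccessible .git entry was found (the condition in the report)
#   2: "$1" does not exist or is not inside a work tree
git_status_safe() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    while :; do
        if [ -e "$dir/.git" ]; then
            git_entry_ok "$dir/.git" || return 1
            break
        fi
        [ "$dir" = / ] && return 2
        dir=$(dirname "$dir")
    done
    # $dir is the work tree root: check every path listed in .gitmodules.
    [ -r "$dir/.gitmodules" ] || return 0
    sed -n 's/^[[:space:]]*path[[:space:]]*=[[:space:]]*//p' "$dir/.gitmodules" |
    while IFS= read -r sub; do
        [ -e "$dir/$sub/.git" ] || continue
        git_entry_ok "$dir/$sub/.git" || exit 1   # leaves the pipeline subshell
    done
}

# Prompt helper: prints the number of changed entries, or nothing when
# the guard says git should not be invoked here.
prompt_git_info() {
    git_status_safe "${1:-.}" || return 0
    ( cd "${1:-.}" && git status --porcelain 2>/dev/null ) | wc -l
}
```
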

