Branch: refs/heads/stable-2.8
Home: https://github.com/jenkinsci/git-client-plugin

Commit: 6707609868c2e9cff57b160e918029a8cc1a88aa
https://github.com/jenkinsci/git-client-plugin/commit/6707609868c2e9cff57b160e918029a8cc1a88aa
Author: Mark Waite <mark.earl.wa...@gmail.com>
Date: 2019-09-14 (Sat, 14 Sep 2019)

Changed paths:
M src/test/java/org/jenkinsci/plugins/gitclient/GitClientSecurityTest.java

Log Message:
-----------
Better safeguard enabling repository sanity check

Summary:

When the Jenkins command line argument disables repository sanity checks, the security problem from SECURITY-1534 is visible in some cases.

SECURITY-1534 reports that repository URLs provided by the user were not sanity checked before being passed to git ls-remote and git fetch. A sanity check is now enabled by default. As a backwards compatibility 'escape hatch', a Jenkins command line argument can disable the repository sanity checks. Disabling the checks then relies on command line git to perform the sanity checks.

GitClientSecurityTest uses a randomly selected value to enable or disable the repository URL check. If the repository check is selected to be disabled and the command line git implementation does not have full support for the '--' separator between options and operands and the attack string is one of a known set of strings, then the test forces repository checks to be enabled so that it avoids cases where older command line git doesn't sanity check its arguments.

If the test were run with repository checks disabled in those cases on older command line git implementations (git 1.8.3 on CentOS 7, git 2.7.4 on Ubuntu 16) it would cause the test code to not throw an exception because those command line git versions do not fully support '--' to separate options and operands.

Commit: dbbd3fd4f2381add48d3e9d37c8a9df91decdcc1
https://github.com/jenkinsci/git-client-plugin/commit/dbbd3fd4f2381add48d3e9d37c8a9df91decdcc1
Author: Mark Waite <mark.earl.wa...@gmail.com>
Date: 2019-09-14 (Sat, 14 Sep 2019)

Changed paths:
M src/test/java/org/jenkinsci/plugins/gitclient/GitClientSecurityTest.java

Log Message:
-----------
Merge pull request #458 from MarkEWaite/more-args-for-security-check

Better SECURITY-1534 tests

Compare: https://github.com/jenkinsci/git-client-plugin/compare/04350c066243...dbbd3fd4f238

--
You received this message because you are subscribed to the Google Groups "Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/git-client-plugin/push/refs/heads/stable-2.8/04350c-dbbd3f%40github.com.
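As an added illustration, not code from git-client-plugin, the following Python mirrors the safeguard described in the first commit above: a repository URL sanity check that rejects option-looking values, an argv built with the '--' separator, and the test's rule of forcing the check on when git does not fully honour '--'. The function names, the accepted scheme list and the sample values are assumptions constructed for this example.

```python
import re

# Schemes accepted as remote repository URLs in this illustration (an
# assumption for the example, not the plugin's actual list).
_URL_SCHEME = re.compile(r"^(https?|ssh|git|file)://", re.IGNORECASE)
# scp-like remote syntax such as user@host:path
_SCP_LIKE = re.compile(r"^[\w.-]+@[\w.-]+:")


def is_sane_repository_url(url: str) -> bool:
    """Reject values that git could parse as an option rather than an operand."""
    if not url or url != url.strip():
        return False
    if url.startswith("-"):            # option-looking, never a repository
        return False
    if any(ch in url for ch in "\r\n\0"):
        return False
    return bool(_URL_SCHEME.match(url) or _SCP_LIKE.match(url))


def plan_ls_remote(url: str, check_enabled: bool, git_honours_separator: bool):
    """Decide whether a user-supplied URL is rejected up front or passed to git.

    Mirrors the safeguard in the commit message: the check may be disabled by
    the command line argument, but if command line git does not fully honour
    '--' and the value looks like an attack string, the check is forced on.
    Returns ('rejected', None) or ('invoke', argv).
    """
    looks_like_option = url.startswith("-")
    enforce = check_enabled or (not git_honours_separator and looks_like_option)
    if enforce and not is_sane_repository_url(url):
        return ("rejected", None)
    # '--' ends option parsing; with a git that honours it, whatever follows
    # is treated as the repository operand even when the check is disabled.
    return ("invoke", ["git", "ls-remote", "--", url])
```

With the check disabled and a git that honours '--', an option-looking value is still passed after the separator and left for git to reject; with an older git, the check is enforced instead.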