wombelix / pagure

Forked from pagure 2 years ago
Clone

affcebf Separate options and operands in PagureRepo.log()

1 file Authored by swapgs 4 months ago, Committed by wombelix 4 months ago,
    Separate options and operands in PagureRepo.log()
    
    Prevent the injection of additional options to the Git command-line
    by adding the (non-standard) --end-of-option flag before any
    user-controlled value. This was reachable from view_history_file().
    
    Fixes: rhbz#2277121, 6a1d002 ("Add a method to run git log using the system's git")
    Signed-off-by: Thomas Chauchefoin <thomas@chauchefoin.fr>
    
        
file modified
+1 -0