From: Junio C Hamano <gitster@pobox.com>
To: Nicolas George <george@nsup.org>
Cc: git@vger.kernel.org
Subject: Re: gitweb bug report: hash mistaken for an option
Date: Wed, 18 Mar 2026 14:47:57 -0700 [thread overview]
Message-ID: <xmqqikasq06q.fsf@gitster.g> (raw)
In-Reply-To: <absJmT_S9gGqbwyT@phare.normalesup.org> (Nicolas George's message of "Wed, 18 Mar 2026 21:22:49 +0100")
Nicolas George <george@nsup.org> writes:
> Hi.
>
> We have a web server with gitweb (from Debian), and we observed git error
> messages in apache's error.log. I tracked down the issue to a request that
> had this:
>
> ```
> ?p=…/.git;a=tree;hb=-c
> ```
>
> I will not bother giving the actual URL since nobody else can check the
> issue in the logs or our server, but the issue can be reproduced on any
> server by replacing the `hb=…` parameter with `hb=-c`.
>
> I tracked down the issue further to the `git_tree` function of the CGI
> script:
>
> <https://git.kernel.org/pub/scm/git/git.git/tree/gitweb/gitweb.perl#n7200>
>
> If `$hash_base`, i.e. the `hb` parameter, is set and not `$file_name`, then
> it is passed as is as the last argument of `ls-tree -z`, and since it is not
> a valid hash, it prints an error.
In other words, garbage-in garbage-out?
FWIW, this also gives an error message
$ git ls-tree no-such-tree
fatal: Not a valid object name no-such
and even though it may give slightly a smaller error message than
"git ls-tree -c", it would not stay silent. So I am not sure if
there is anything to fix here, short of redirecting your standard
error to /dev/null or something.
> Second, that the error (be it “unknown switch”, “Not a valid object name” or
> “not a tree object” gets written into the error log: it is an error entirely
> caused by the client that has no repercussion on the server, it should be
> either passed back to the client or ignored. This is more minor but harder
> to fix.
For that, you'd need to capture standard error stream and relay it
to the user, I guess. That does sound like the right fix to deal
with any wrong input that comes in the web request.
This is a tangent, but I actually think "ls-tree -- $whatever" that
forces $whatever to be interpreted as the tree object name _is_ a
bug. A double-dash should signal end of revisions and beginning of
the pathspec. We may want to fix it in "git ls-tree", regardless of
any gitweb issue.
While I do not think it is a fix to force the end-user supplied
parameter to be interpreted as a tree object name, if we wanted to
do so in durable way that won't be broken even after we correct the
double-dash bug in ls-tree, we probably should write
$ git ls-tree -z --end-of-options $hb
instead.
Thanks.
prev parent reply other threads:[~2026-03-18 21:48 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-18 20:22 gitweb bug report: hash mistaken for an option Nicolas George
2026-03-18 21:47 ` Junio C Hamano [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqikasq06q.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=george@nsup.org \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.