Homec4science

Remove the warning about the Git 2GB pathname issue

Authored by epriestley <git@epriestley.com> on Apr 19 2016, 15:55.

Description

Remove the warning about the Git 2GB pathname issue

Summary:
Ref T10832. In practice, git --version is not a useful test for this issue:

  • Vendors like Debian have backported the patch into custom versions like 0.0.0.1-debian-lots-of-patches.3232.
  • Vendors like Ubuntu distribute multiple different versions which report the same string from git --version, some of which are patched and some of which are not.

In other cases, we can perform an empirical test for the vulnerability. Here, we can not, because we can't write a 2GB path in a reasonable amount of time.

Since vendors (other than Apple) generally seem to be on top of this and any warning we try to raise based on git --version will frequently be incorrect, don't raise this warning.

I'll note this in the changelog instead.

Test Plan: Looked at setup issues, no more warning for vulnerable git version.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10832

Differential Revision: https://secure.phabricator.com/D15756

Details

Committed
epriestley <git@epriestley.com>Apr 19 2016, 16:01
Pushed
aubortJan 31 2017, 17:16
Parents
rPH575c01373ee7: Extract repository command construction from Repositories
Branches
Unknown
Tags
Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPHc30fe65ee9c8: Remove the warning about the Git 2GB pathname issue (authored by epriestley <git@epriestley.com>).Apr 19 2016, 16:01