)]}'
{
  "commit": "c716fe4bd917e013bf376a678b3a924447777b2d",
  "tree": "3dd97595b4abbbc874446c479773357c25fa1a99",
  "parents": [
    "17f1c0b8c7e447aa62f85dc355bb48133d2812f2"
  ],
  "author": {
    "name": "Jeff King",
    "email": "peff@peff.net",
    "time": "Thu Mar 12 01:31:11 2020 -0400"
  },
  "committer": {
    "name": "Jeff King",
    "email": "peff@peff.net",
    "time": "Thu Mar 12 02:55:24 2020 -0400"
  },
  "message": "credential: detect unrepresentable values when parsing urls\n\nThe credential protocol can\u0027t represent newlines in values, but URLs can\nembed percent-encoded newlines in various components. A previous commit\ntaught the low-level writing routines to die() when encountering this,\nbut we can be a little friendlier to the user by detecting them earlier\nand handling them gracefully.\n\nThis patch teaches credential_from_url() to notice such components,\nissue a warning, and blank the credential (which will generally result\nin prompting the user for a username and password). We blank the whole\ncredential in this case. Another option would be to blank only the\ninvalid component. However, we\u0027re probably better off not feeding a\npartially-parsed URL result to a credential helper. We don\u0027t know how a\ngiven helper would handle it, so we\u0027re better off to err on the side of\nmatching nothing rather than something unexpected.\n\nThe die() call in credential_write() is _probably_ impossible to reach\nafter this patch. Values should end up in credential structs only by URL\nparsing (which is covered here), or by reading credential protocol input\n(which by definition cannot read a newline into a value). But we should\ndefinitely keep the low-level check, as it\u0027s our final and most accurate\nline of defense against protocol injection attacks. Arguably it could\nbecome a BUG(), but it probably doesn\u0027t matter much either way.\n\nNote that the public interface of credential_from_url() grows a little\nmore than we need here. We\u0027ll use the extra flexibility in a future\npatch to help fsck catch these cases.\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "00ee4d62db121dab46ef9988196a02f1c095104b",
      "old_mode": 33188,
      "old_path": "credential.c",
      "new_id": "eeeac3242e71caf3ab0740c0d5262f2fc4cc0c42",
      "new_mode": 33188,
      "new_path": "credential.c"
    },
    {
      "type": "modify",
      "old_id": "6b0cd16be2b96b23ae5ce14a07a8ad130af8d5bb",
      "old_mode": 33188,
      "old_path": "credential.h",
      "new_id": "122a23cd2f1418fcee331d327c0276bdaa2cd0b3",
      "new_mode": 33188,
      "new_path": "credential.h"
    },
    {
      "type": "modify",
      "old_id": "15cc3c5abb5b107f851ef2029092ca7a7d758507",
      "old_mode": 33261,
      "old_path": "t/t0300-credentials.sh",
      "new_id": "3bec445cacf0573798aa2eeda222bb298596b661",
      "new_mode": 33261,
      "new_path": "t/t0300-credentials.sh"
    }
  ]
}
