[2/2] bugreport: add config values from safelist
diff mbox series

Message ID 20200624012827.34126-3-emilyshaffer@google.com
State New
Headers show
Series
  • bugreport: report configs from safelist
Related show

Commit Message

Emily Shaffer June 24, 2020, 1:28 a.m. UTC
Teach bugreport to gather the values of config options which are present
in 'bugreport-config-safelist.h', and show their origin scope.

Many config options are sensitive, and many Git add-ons use config
options which git-core does not know about; it is better only to gather
config options which we know to be safe, rather than excluding options
which we know to be unsafe.

Rather than including the path to someone's config, which can reveal
filesystem layout and project names, just name the scope (e.g. system,
global, local) of the config source.

Signed-off-by: Emily Shaffer <emilyshaffer@google.com>
---
 Documentation/git-bugreport.txt |  1 +
 Makefile                        |  2 ++
 bugreport.c                     | 28 ++++++++++++++++++++++++++++
 3 files changed, 31 insertions(+)

Patch
diff mbox series

diff --git a/Documentation/git-bugreport.txt b/Documentation/git-bugreport.txt
index 66e88c2e31..827063d69b 100644
--- a/Documentation/git-bugreport.txt
+++ b/Documentation/git-bugreport.txt
@@ -30,6 +30,7 @@  The following information is captured automatically:
  - Compiler-specific info string
  - A list of enabled hooks
  - $SHELL
+ - Selected config values
 
 This tool is invoked via the typical Git setup process, which means that in some
 cases, it might not be able to launch - for example, if a relevant config file
diff --git a/Makefile b/Makefile
index 11d4029003..a88f918c77 100644
--- a/Makefile
+++ b/Makefile
@@ -2132,6 +2132,8 @@  git$X: git.o GIT-LDFLAGS $(BUILTIN_OBJS) $(GITLIBS)
 
 help.sp help.s help.o: command-list.h
 
+bugreport.sp bugreport.s bugreport.o: bugreport-config-safelist.h
+
 builtin/help.sp builtin/help.s builtin/help.o: config-list.h GIT-PREFIX
 builtin/help.sp builtin/help.s builtin/help.o: EXTRA_CPPFLAGS = \
 	'-DGIT_HTML_PATH="$(htmldir_relative_SQ)"' \
diff --git a/bugreport.c b/bugreport.c
index 28f4568b01..f988939bba 100644
--- a/bugreport.c
+++ b/bugreport.c
@@ -4,6 +4,8 @@ 
 #include "help.h"
 #include "compat/compiler.h"
 #include "run-command.h"
+#include "config.h"
+#include "bugreport-config-safelist.h"
 
 
 static void get_system_info(struct strbuf *sys_info)
@@ -86,6 +88,29 @@  static void get_populated_hooks(struct strbuf *hook_info, int nongit)
 			strbuf_addf(hook_info, "%s\n", hook[i]);
 }
 
+static void get_safelisted_config(struct strbuf *config_info)
+{
+	size_t idx;
+	struct string_list_item *it = NULL;
+	struct key_value_info *kv_info = NULL;
+
+	for (idx = 0; idx < ARRAY_SIZE(bugreport_config_safelist); idx++) {
+		const struct string_list *list =
+			git_config_get_value_multi(bugreport_config_safelist[idx]);
+
+		if (!list)
+			continue;
+
+		strbuf_addf(config_info, "%s:\n", bugreport_config_safelist[idx]);
+		for_each_string_list_item(it, list) {
+			kv_info = it->util;
+			strbuf_addf(config_info, "  %s (%s)\n", it->string,
+				    kv_info ? config_scope_name(kv_info->scope)
+					    : _("source unknown"));
+		}
+	}
+}
+
 static const char * const bugreport_usage[] = {
 	N_("git bugreport [-o|--output-directory <file>] [-s|--suffix <format>]"),
 	NULL
@@ -172,6 +197,9 @@  int cmd_main(int argc, const char **argv)
 	get_header(&buffer, _("Enabled Hooks"));
 	get_populated_hooks(&buffer, nongit_ok);
 
+	get_header(&buffer, _("Safelisted Config Info"));
+	get_safelisted_config(&buffer);
+
 	/* fopen doesn't offer us an O_EXCL alternative, except with glibc. */
 	report = open(report_path.buf, O_CREAT | O_EXCL | O_WRONLY, 0666);