Re: pathspec: problems with too long command line
- Date: Wed, 21 Nov 2018 08:21:52 -0500
- From: Jeff King <peff@xxxxxxxx>
- Subject: Re: pathspec: problems with too long command line
On Wed, Nov 21, 2018 at 10:23:34AM +0100, Marc Strapetz wrote:
> From our GUI client we are invoking git operations on a possibly large set
> of files. This may result in pathspecs which are exceeding the maximum
> command line length, especially on Windows  and OSX . To workaround
> this problem we are currently splitting up such operations by invoking
> multiple git commands. This works well for some commands (like add), but
> doesn't work well for others (like commit).
> A possible solution could be to add another patchspec magic word which will
> read paths from a file instead of command line. A similar approach can be
> found in Mercurial with its "listfile:" pattern .
> Does that sound reasonable? If so, we should be able to provide a
> corresponding patch.
Quite a few commands take --stdin, which can be used to send pathspecs
(and often other stuff) without size limits. I don't think either
"commit" or "add" does, but that might be another route.
I'm slightly nervous at a pathspec that starts reading arbitrary files,
because I suspect there may be interesting ways to abuse it for services
which expose Git. E.g., if I have a web service which can show the
history of a file, I might take a $file parameter from the client and
run "git rev-list -- $file" (handling shell quoting, of course). That's
OK now, but with the proposed pathspec magic, a malicious user could ask
for ":(from-file=/etc/passwd)" or whatever.
I dunno. Maybe that is overly paranoid, and certainly servers like that
are a subset of users. And perhaps such servers should be specifying