gitweb: Secure against commit-ish/tree-ish with the same name as path
[gitweb.git] / read-cache.c
index 20c9d494ac94380c9074997e9cb3c69ff1c04a3f..97c38670b45d852b2f07f3d3addb2aaf6dbd8697 100644 (file)
@@ -347,11 +347,13 @@ int add_file_to_index(const char *path, int verbose)
        ce->ce_mode = create_ce_mode(st.st_mode);
        if (!trust_executable_bit) {
                /* If there is an existing entry, pick the mode bits
-                * from it.
+                * from it, otherwise force to 644.
                 */
                int pos = cache_name_pos(path, namelen);
                if (pos >= 0)
                        ce->ce_mode = active_cache[pos]->ce_mode;
+               else
+                       ce->ce_mode = create_ce_mode(S_IFREG | 0644);
        }
 
        if (index_path(ce->sha1, path, &st, 1))