Merge branch 'master' of https://github.com/Plazmaz/GitPython into Plazmaz-master

Author: Byron

git/repo/base.py

@@ -9,6 +9,7 @@
 import os
 import re
 import sys
+import warnings
 
 from git.cmd import (
     Git,
@@ -86,7 +87,7 @@ class Repo(object):
     # Subclasses may easily bring in their own custom types by placing a constructor or type here
     GitCommandWrapperType = Git
 
-    def __init__(self, path=None, odbt=DefaultDBType, search_parent_directories=False):
+    def __init__(self, path=None, odbt=DefaultDBType, search_parent_directories=False, expand_vars=True):
         """Create a new Repo instance
 
         :param path:
@@ -112,12 +113,18 @@ def __init__(self, path=None, odbt=DefaultDBType, search_parent_directories=Fals
         :raise InvalidGitRepositoryError:
         :raise NoSuchPathError:
         :return: git.Repo """
+
         epath = path or os.getenv('GIT_DIR')
         if not epath:
             epath = os.getcwd()
         if Git.is_cygwin():
             epath = decygpath(epath)
-        epath = expand_path(epath or path or os.getcwd())
+
+        epath = epath or path or os.getcwd()
+        if expand_vars and ("%" in epath or "$" in epath):
+            warnings.warn("The use of environment variables in paths is deprecated" +
+                          "\nfor security reasons and may be removed in the future!!")
+        epath = expand_path(epath, expand_vars)
         if not os.path.exists(epath):
             raise NoSuchPathError(epath)
 
@@ -144,7 +151,7 @@ def __init__(self, path=None, odbt=DefaultDBType, search_parent_directories=Fals
                 sm_gitpath = find_worktree_git_dir(dotgit)
 
             if sm_gitpath is not None:
-                self.git_dir = expand_path(sm_gitpath)
+                self.git_dir = expand_path(sm_gitpath, expand_vars)
                 self._working_tree_dir = curpath
                 break
 
@@ -840,7 +847,7 @@ def blame(self, rev, file, incremental=False, **kwargs):
         return blames
 
     @classmethod
-    def init(cls, path=None, mkdir=True, odbt=DefaultDBType, **kwargs):
+    def init(cls, path=None, mkdir=True, odbt=DefaultDBType, expand_vars=True, **kwargs):
         """Initialize a git repository at the given path if specified
 
         :param path:
@@ -858,12 +865,17 @@ def init(cls, path=None, mkdir=True, odbt=DefaultDBType, **kwargs):
             the directory containing the database objects, i.e. .git/objects.
             It will be used to access all object data
 
+        :param expand_vars:
+            if specified, environment variables will not be escaped. This
+            can lead to information disclosure, allowing attackers to
+            access the contents of environment variables
+
         :parm kwargs:
             keyword arguments serving as additional options to the git-init command
 
         :return: ``git.Repo`` (the newly created repo)"""
         if path:
-            path = expand_path(path)
+            path = expand_path(path, expand_vars)
         if mkdir and path and not osp.exists(path):
             os.makedirs(path, 0o755)
 

git/util.py

@@ -341,9 +341,12 @@ def finalize_process(proc, **kwargs):
     proc.wait(**kwargs)
 
 
-def expand_path(p):
+def expand_path(p, expand_vars=True):
     try:
-        return osp.normpath(osp.abspath(osp.expandvars(osp.expanduser(p))))
+        p = osp.expanduser(p)
+        if expand_vars:
+            p = osp.expandvars(p)
+        return osp.normpath(osp.abspath(p))
     except:
         return None