Details
-
Bug
-
Resolution: Fixed
-
Low
-
7.0.0, 7.1.0
-
None
-
Severity 2 - Major
-
Description
Issue Summary
When a git command is run without setting an explicit execution timeout, the default value is not applied and the command runs with only an idle timeout.
Notes:
- The idle timeout is more aggressive than the execution timeout and is generally sufficient to prevent rogue processes
- Many git commands, including and especially those used for hosting (e.g. git http-backend, git receive-pack, git upload-archive and git upload-pack) and garbage collection (e.g. git pack-refs, git prune and git repack) are always run with explicit execution timeouts, which are applied correctly
Steps to Reproduce
N/A
Expected Results
Commands without an explicit execution timeout set should have a default applied.
Actual Results
Only commands with explicit execution timeout apply one, and commands which don't have one run with only an idle timeout applied.
Workaround
There is no workaround for this issue. App developers can update their apps to specify explicit timeouts, but, as noted above, the idle timeout, which is applied, is generally sufficient.