[llvm] Avoid exposing unknown git repositories (PR #105220)

Tulio Magno Quites Machado Filho via llvm-commits llvm-commits at lists.llvm.org
Thu Aug 29 05:29:59 PDT 2024


https://github.com/tuliom updated https://github.com/llvm/llvm-project/pull/105220

>From 0b7370329f0dc9da9f89287644c493f3fa4c9c60 Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Mon, 5 Aug 2024 14:29:11 -0300
Subject: [PATCH 1/2] Avoid exposing unknown git repositories

Restrict the URL that is exposed to the official LLVM repository at
GitHub in order to avoid exposing usernames, passwords or even private
URLs unintentionally.

Users willing to expose different Git repositories can continue to do so
by setting LLVM_FORCE_VC_REPOSITORY or CLANG_REPOSITORY_STRING.
---
 llvm/cmake/modules/VersionFromVCS.cmake | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index 18edbeabe3e4b5..a0068c5f725517 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -39,8 +39,14 @@ function(get_source_info path revision repository)
         OUTPUT_VARIABLE git_output
         ERROR_QUIET)
       if(git_result EQUAL 0)
-        string(STRIP "${git_output}" git_output)
-        set(${repository} ${git_output} PARENT_SCOPE)
+        # Avoid exposing sensitive data, e.g. usernames, passwords and
+        # private URLs.
+        string(FIND "${git_output}" "github.com/llvm/llvm-project" git_upstream)
+        if(git_upstream GREATER_EQUAL 0)
+          set(${repository} "https://github.com/llvm/llvm-project" PARENT_SCOPE)
+        else()
+          set(${repository} "forked repository" PARENT_SCOPE)
+        endif()
       else()
         set(${repository} ${path} PARENT_SCOPE)
       endif()
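Review bot: The `string(FIND ...)` test is an unanchored substring match, so any remote whose URL merely contains `github.com/llvm/llvm-project` (for example a repository named `llvm-project-internal`, or that text as a path component on another host) is reported as the official upstream, which makes the embedded provenance string unreliable. The same applies to the `string(REGEX MATCH ...)` in the PATCH 2/2 hunk, where the unescaped `.` additionally matches any character. I would keep the removed strip and anchor the pattern, e.g. `string(STRIP "${git_output}" git_output)` followed by `string(REGEX MATCH "github\\.com[/:]llvm/llvm-project(\\.git)?/?$" git_upstream "${git_output}")`; a stricter check would also pin the scheme and host at the start of the URL. `get_source_info` starts and ends outside this hunk, so the git command that fills `git_output` is not visible here.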

>From 0d18a3c6515fcee3c785cd5463e9459ed455bdb6 Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Thu, 29 Aug 2024 09:28:28 -0300
Subject: [PATCH 2/2] fixup! Avoid exposing unknown git repositories

---
 llvm/cmake/modules/VersionFromVCS.cmake | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index a0068c5f725517..5320960c41b5e2 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -41,11 +41,9 @@ function(get_source_info path revision repository)
       if(git_result EQUAL 0)
         # Avoid exposing sensitive data, e.g. usernames, passwords and
         # private URLs.
-        string(FIND "${git_output}" "github.com/llvm/llvm-project" git_upstream)
-        if(git_upstream GREATER_EQUAL 0)
+        string(REGEX MATCH "github.com[/:]llvm/llvm-project" git_upstream "${git_output}")
+        if(git_upstream)
           set(${repository} "https://github.com/llvm/llvm-project" PARENT_SCOPE)
-        else()
-          set(${repository} "forked repository" PARENT_SCOPE)
         endif()
       else()
         set(${repository} ${path} PARENT_SCOPE)
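Review bot: With the `else()` branch dropped, a successful git call on a non-matching remote never assigns `${repository}`, so the caller keeps whatever value that variable already held. Adding `else()` / `unset(${repository} PARENT_SCOPE)` would make the "unknown remote" outcome explicit, or at minimum a comment such as `# Intentionally leave ${repository} unset for any other remote.` should record the intent. Separately, the fallback `set(${repository} ${path} PARENT_SCOPE)` still exports the local checkout path when git fails, and such paths often contain a user name or private directory layout, which sits oddly with the comment about not exposing sensitive data. Whether callers check `DEFINED` on the result cannot be seen here, because `get_source_info` continues outside this hunk.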


