From: Jakub Narebski <jnareb@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: Mark Rada <marada@uwaterloo.ca>, git@vger.kernel.org
Subject: Re: [RFC/PATCH v4 1/2] gitweb: check given hash before trying to create snapshot
Date: Sun, 13 Sep 2009 17:03:45 +0200 [thread overview]
Message-ID: <200909131703.45806.jnareb@gmail.com> (raw)
In-Reply-To: <7vy6oj1jug.fsf@alter.siamese.dyndns.org>
On Sun, 13 Sep 2009, Junio C Hamano wrote:
> Mark Rada <marada@uwaterloo.ca> writes:
>> On 09-09-12 11:30 PM, Junio C Hamano wrote:
>>>> @@ -5196,8 +5202,9 @@ sub git_snapshot {
>>>> die_error(403, "Unsupported snapshot format");
>>>> }
>>>>
>>>> - if (!defined $hash) {
>>>> - $hash = git_get_head_hash($project);
>>>> + my $full_hash = git_get_full_hash($project, $hash);
>>>> + if (!$full_hash) {
>>>> + die_error(404, 'Hash id was not valid');
>>>> }
>>>
>>> This is in the context of "snapshot", so obviously you care more about
>>> just "such an object exists", don't you? You also want it to be a
>>> tree-ish. Try giving it $hash = 'junio-gpg-pub' and see how it breaks.
>>
>> You have confused me. How is using 'junio-gpg-pub' different from the
>> second test case that tries to use 'frizzumFrazzum'?
>
> junio-gpg-pub tag exists in git.git but it tags a blob not a tree.
>
> $ git rev-parse junio-gpg-pub
> 6019c27d966fe3ce8adcc0e9f12078eef96ca6ef
> $ git archive junio-gpg-pub
> fatal: not a tree object
So the proper solution with respect to snapshot parameters validation
would be to use
my $type = git_get_type("$hash^{}");
and check it:
* if $type is empty or undef (if it is false-ish) then requested object
does not exist and we return '404 - No such object' (or something like
that)
* if $type is 'blob' then we return '400 - Object is not a tree-ish'
(or something like that)
* otherwise $type is 'commit' or 'tree'
--
Jakub Narebski
Poland
next prev parent reply other threads:[~2009-09-13 15:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-13 0:09 [RFC/PATCH v4 1/2] gitweb: check given hash before trying to create snapshot Mark Rada
2009-09-13 3:30 ` Junio C Hamano
2009-09-13 5:37 ` Mark Rada
2009-09-13 5:42 ` Junio C Hamano
2009-09-13 15:03 ` Jakub Narebski [this message]
-- strict thread matches above, loose matches on Subject: below --
2009-09-12 23:03 Mark Rada
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200909131703.45806.jnareb@gmail.com \
--to=jnareb@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=marada@uwaterloo.ca \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.