From: Michael Haggerty <mhagger@alum.mit.edu>
To: Junio C Hamano <gitster@pobox.com>
Cc: Brad King <brad.king@kitware.com>,
Johan Herland <johan@herland.net>, Jeff King <peff@peff.net>,
Vicent Marti <tanoku@gmail.com>,
git@vger.kernel.org
Subject: Re: [PATCH v2 03/27] parse_arg(): Really test that argument is properly terminated
Date: Tue, 01 Apr 2014 00:11:00 +0200 [thread overview]
Message-ID: <5339E7F4.1090805@alum.mit.edu> (raw)
In-Reply-To: <xmqqlhvq3vaj.fsf@gitster.dls.corp.google.com>
On 03/31/2014 11:36 PM, Junio C Hamano wrote:
> Michael Haggerty <mhagger@alum.mit.edu> writes:
>
>> Test that the argument is properly terminated by either whitespace or
>> a NUL character, even if it is quoted, to be consistent with the
>> non-quoted case. Adjust the tests to expect the new error message.
>> Add a docstring to the function, incorporating the comments that were
>> formerly within the function plus some added information.
>>
>> Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
>> ---
>> builtin/update-ref.c | 20 +++++++++++++++-----
>> t/t1400-update-ref.sh | 4 ++--
>> 2 files changed, 17 insertions(+), 7 deletions(-)
>>
>> diff --git a/builtin/update-ref.c b/builtin/update-ref.c
>> index 1292cfe..02b5f95 100644
>> --- a/builtin/update-ref.c
>> +++ b/builtin/update-ref.c
>> @@ -62,16 +62,26 @@ static void update_store_old_sha1(struct ref_update *update,
>> update->have_old = *oldvalue || line_termination;
>> }
>>
>> +/*
>> + * Parse one whitespace- or NUL-terminated, possibly C-quoted argument
>> + * and append the result to arg. Return a pointer to the terminator.
>> + * Die if there is an error in how the argument is C-quoted. This
>> + * function is only used if not -z.
>> + */
>> static const char *parse_arg(const char *next, struct strbuf *arg)
>> {
>> - /* Parse SP-terminated, possibly C-quoted argument */
>> - if (*next != '"')
>> + if (*next == '"') {
>> + const char *orig = next;
>> +
>> + if (unquote_c_style(arg, next, &next))
>> + die("badly quoted argument: %s", orig);
>> + if (*next && !isspace(*next))
>> + die("unexpected character after quoted argument: %s", orig);
>> + } else {
>> while (*next && !isspace(*next))
>> strbuf_addch(arg, *next++);
>> - else if (unquote_c_style(arg, next, &next))
>> - die("badly quoted argument: %s", next);
>> + }
>>
>> - /* Return position after the argument */
>> return next;
>> }
>>
>> diff --git a/t/t1400-update-ref.sh b/t/t1400-update-ref.sh
>> index 29391c6..774f8c5 100755
>> --- a/t/t1400-update-ref.sh
>> +++ b/t/t1400-update-ref.sh
>> @@ -356,10 +356,10 @@ test_expect_success 'stdin fails on badly quoted input' '
>> grep "fatal: badly quoted argument: \\\"master" err
>> '
>>
>> -test_expect_success 'stdin fails on arguments not separated by space' '
>> +test_expect_success 'stdin fails on junk after quoted argument' '
>> echo "create \"$a\"master" >stdin &&
>> test_must_fail git update-ref --stdin <stdin 2>err &&
>> - grep "fatal: expected SP but got: master" err
>> + grep "fatal: unexpected character after quoted argument: \\\"$a\\\"master" err
>> '
>
> Interesting.
>
> I would have expected that "We used to check only one of the two
> codepaths and the other was loose, fix it" to be accompanied by "So
> here is an _addition_ to the test suite to validate the other case
> that used to be loose, now tightened", not "We update one existing
> case". The test before and after the patch is about a c-quoted
> string, so I am not sure if we are still testing the right thing.
>
> The code in update-ref.c after the patch does look reasonable,
> though.
The old parse_arg(), when fed an argument
"refs/heads/a"master
parsed 'refs/heads/a' off of the front of the argument and considered
itself successful. It was only when parse_next_arg() tried to parse the
*next* argument that a problem was noticed. But in fact, the definition
of the input format requires arguments to be terminated by SP or NUL, so
*this* argument is already erroneous and parse_arg() should diagnose the
problem.
The point of this patch is to move the error detection for C-quoted
arguments that have trailing junk to the parse_arg() call for the broken
argument and to make the error message more descriptive of the situation.
There is no corresponding error case for non-C-quoted arguments, because
the end of the argument is *by definition* a space or NUL, so there is
no way to insert other junk between the "end" of the argument and the
argument terminator.
Michael
--
Michael Haggerty
mhagger@alum.mit.edu
http://softwareswirl.blogspot.com/
next prev parent reply other threads:[~2014-03-31 22:11 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-24 17:56 [PATCH v2 00/27] Clean up update-refs --stdin and implement ref_transaction Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 01/27] t1400: Fix name and expected result of one test Michael Haggerty
2014-03-31 21:30 ` Junio C Hamano
2014-03-31 21:49 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 02/27] t1400: Provide more usual input to the command Michael Haggerty
2014-03-31 21:28 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 03/27] parse_arg(): Really test that argument is properly terminated Michael Haggerty
2014-03-31 21:36 ` Junio C Hamano
2014-03-31 22:11 ` Michael Haggerty [this message]
2014-03-24 17:56 ` [PATCH v2 04/27] t1400: Add some more tests involving quoted arguments Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 05/27] refs.h: Rename the action_on_err constants Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 06/27] update_refs(): Fix constness Michael Haggerty
2014-03-31 21:40 ` Junio C Hamano
2014-03-31 22:16 ` Michael Haggerty
2014-03-31 22:38 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 07/27] update-ref --stdin: Read the whole input at once Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 08/27] parse_cmd_verify(): Copy old_sha1 instead of evaluating <oldvalue> twice Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 09/27] update-ref.c: Extract a new function, parse_refname() Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 10/27] update-ref --stdin: Improve error messages for invalid values Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 11/27] update-ref --stdin: Make error messages more consistent Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 12/27] update-ref --stdin: Simplify error messages for missing oldvalues Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 13/27] t1400: Test that stdin -z update treats empty <newvalue> as zeros Michael Haggerty
2014-03-31 21:48 ` Junio C Hamano
2014-03-31 22:20 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 14/27] update-ref.c: Extract a new function, parse_next_sha1() Michael Haggerty
2014-03-26 18:39 ` Brad King
2014-03-24 17:56 ` [PATCH v2 15/27] update-ref --stdin -z: Deprecate interpreting the empty string as zeros Michael Haggerty
2014-03-31 21:49 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 16/27] t1400: Test one mistake at a time Michael Haggerty
2014-03-26 18:39 ` Brad King
2014-03-31 21:50 ` Junio C Hamano
2014-03-31 22:32 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 17/27] update-ref --stdin: Improve the error message for unexpected EOF Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 18/27] update-ref --stdin: Harmonize error messages Michael Haggerty
2014-03-31 21:51 ` Junio C Hamano
2014-03-31 22:37 ` Michael Haggerty
2014-04-01 9:29 ` Michael Haggerty
2014-04-02 16:38 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 19/27] refs: Add a concept of a reference transaction Michael Haggerty
2014-03-26 18:39 ` Brad King
2014-03-26 21:42 ` Michael Haggerty
2014-04-01 19:39 ` Junio C Hamano
2014-04-02 4:57 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 20/27] update-ref --stdin: Reimplement using reference transactions Michael Haggerty
2014-04-01 19:46 ` Junio C Hamano
2014-04-02 5:03 ` Michael Haggerty
2014-04-03 15:57 ` Junio C Hamano
2014-04-04 5:02 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 21/27] refs: Remove API function update_refs() Michael Haggerty
2014-04-01 19:46 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 22/27] struct ref_update: Rename field "ref_name" to "refname" Michael Haggerty
2014-04-01 19:53 ` Junio C Hamano
2014-04-02 5:11 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 23/27] struct ref_update: Store refname as a FLEX_ARRAY Michael Haggerty
2014-04-01 19:54 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 24/27] ref_transaction_commit(): Introduce temporary variables Michael Haggerty
2014-04-01 19:26 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 25/27] struct ref_update: Add a lock member Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 26/27] struct ref_update: Add type field Michael Haggerty
2014-04-01 20:03 ` Junio C Hamano
2014-04-02 10:13 ` Michael Haggerty
2014-04-02 17:44 ` Junio C Hamano
2014-03-24 17:57 ` [PATCH v2 27/27] ref_transaction_commit(): Work with transaction->updates in place Michael Haggerty
2014-03-26 18:39 ` [PATCH v2 00/27] Clean up update-refs --stdin and implement ref_transaction Brad King
2014-03-26 21:47 ` Michael Haggerty
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5339E7F4.1090805@alum.mit.edu \
--to=mhagger@alum.mit.edu \
--cc=brad.king@kitware.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=johan@herland.net \
--cc=peff@peff.net \
--cc=tanoku@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.