From: Junio C Hamano <gitster@pobox.com>
To: Karthik Nayak <karthik.188@gmail.com>
Cc: git@vger.kernel.org, jacob.keller@gmail.com
Subject: Re: [PATCH v7 16/17] branch: use ref-filter printing APIs
Date: Thu, 17 Nov 2016 14:05:51 -0800 [thread overview]
Message-ID: <xmqqa8cxoj7k.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <xmqqinrlopge.fsf@gitster.mtv.corp.google.com> (Junio C. Hamano's message of "Thu, 17 Nov 2016 11:50:57 -0800")
Junio C Hamano <gitster@pobox.com> writes:
> One worry that I have is if the strings embedded in this function to
> the final format are safe. As far as I can tell, the pieces of
> strings that are literally inserted into the resulting format string
> by this function are maxwidth, remote_prefix, and return values from
> branch_get_color() calls.
>
> The maxwidth is inserted via "%d" and made into decimal constant,
> and there is no risk for it being in the resulting format. Are
> the return values of branch_get_color() calls safe? I do not think
> they can have '%' in them, but if they do, they need to be quoted.
> The same worry exists for remote_prefix. Currently it can either be
> an empty string or "remotes/", and is safe to be embedded in a
> format string.
In case it was not clear, in short, I do not think there is anything
broken in the code, but it is a longer-term improvement to introduce
a helper that takes a string and returns a version of the string
that is safely quoted to be used in the for-each-ref format string
use it like so:
strbuf_addf(&remote,
"%s"
"%%(align:%d,left)%s%%(refname:strip=2)%%(end)"
...
"%%(else) %%(objectname:short=7) %%(contents:subject)%%(end)",
quote_literal_for_format(branch_get_color(BRANCH_COLOR_REMOTE)),
...);
and the implementation of the helper may look like:
const char *quote_literal_for_format(const char *s)
{
static strbuf buf = STRBUF_INIT;
strbuf_reset(&buf);
while (*s) {
const char *ep = strchrnul(s, '%');
if (s < ep)
strbuf_add(&buf, s, ep - s);
if (*ep == '%') {
strbuf_addstr(&buf, "%%");
s = ep + 1;
} else {
s = ep;
}
}
return buf.buf;
}
next prev parent reply other threads:[~2016-11-17 22:05 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-08 20:11 [PATCH v7 00/17] port branch.c to use ref-filter's printing options Karthik Nayak
2016-11-08 20:11 ` [PATCH v7 01/17] ref-filter: implement %(if), %(then), and %(else) atoms Karthik Nayak
2016-11-08 23:13 ` Jacob Keller
2016-11-10 17:11 ` Karthik Nayak
2016-11-10 23:20 ` Junio C Hamano
2016-11-11 9:13 ` Karthik Nayak
2016-11-10 23:13 ` Junio C Hamano
2016-11-11 9:10 ` Karthik Nayak
2016-11-08 20:11 ` [PATCH v7 02/17] ref-filter: include reference to 'used_atom' within 'atom_value' Karthik Nayak
2016-11-08 23:16 ` Jacob Keller
2016-11-10 17:16 ` Karthik Nayak
2016-11-08 20:11 ` [PATCH v7 03/17] ref-filter: implement %(if:equals=<string>) and %(if:notequals=<string>) Karthik Nayak
2016-11-08 23:22 ` Jacob Keller
2016-11-10 17:31 ` Karthik Nayak
2016-11-11 5:27 ` Jacob Keller
2016-11-10 23:26 ` Junio C Hamano
2016-11-11 5:25 ` Jacob Keller
2016-11-12 9:19 ` Karthik Nayak
2016-11-18 19:58 ` Jakub Narębski
2016-11-20 7:23 ` Karthik Nayak
2016-11-08 20:11 ` [PATCH v7 04/17] ref-filter: modify "%(objectname:short)" to take length Karthik Nayak
2016-11-08 23:27 ` Jacob Keller
2016-11-10 17:36 ` Karthik Nayak
2016-11-11 5:29 ` Jacob Keller
2016-11-12 9:56 ` Karthik Nayak
2016-11-10 23:32 ` Junio C Hamano
2016-11-08 20:11 ` [PATCH v7 05/17] ref-filter: move get_head_description() from branch.c Karthik Nayak
2016-11-08 23:31 ` Jacob Keller
2016-11-10 19:01 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 06/17] ref-filter: introduce format_ref_array_item() Karthik Nayak
2016-11-08 23:32 ` Jacob Keller
2016-11-08 20:12 ` [PATCH v7 07/17] ref-filter: make %(upstream:track) prints "[gone]" for invalid upstreams Karthik Nayak
2016-11-08 23:37 ` Jacob Keller
2016-11-12 18:48 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 08/17] ref-filter: add support for %(upstream:track,nobracket) Karthik Nayak
2016-11-08 23:45 ` Jacob Keller
2016-11-12 20:01 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 09/17] ref-filter: make "%(symref)" atom work with the ':short' modifier Karthik Nayak
2016-11-08 23:46 ` Jacob Keller
2016-11-18 21:34 ` Jakub Narębski
2016-11-20 7:31 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 10/17] ref-filter: introduce refname_atom_parser_internal() Karthik Nayak
2016-11-18 21:36 ` Jakub Narębski
2016-11-20 7:34 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 11/17] ref-filter: introduce symref_atom_parser() and refname_atom_parser() Karthik Nayak
2016-11-08 23:52 ` Jacob Keller
2016-11-12 20:12 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 12/17] ref-filter: make remote_ref_atom_parser() use refname_atom_parser_internal() Karthik Nayak
2016-11-08 23:54 ` Jacob Keller
2016-11-08 20:12 ` [PATCH v7 13/17] ref-filter: add `:dir` and `:base` options for ref printing atoms Karthik Nayak
2016-11-08 23:58 ` Jacob Keller
2016-11-13 14:07 ` Karthik Nayak
2016-11-14 1:55 ` Junio C Hamano
2016-11-14 19:36 ` Karthik Nayak
2016-11-14 19:51 ` Junio C Hamano
2016-11-15 6:48 ` Karthik Nayak
2016-11-15 7:55 ` Jacob Keller
2016-11-15 7:56 ` Jacob Keller
2016-11-15 17:42 ` Junio C Hamano
2016-11-15 21:19 ` Jacob Keller
2016-11-16 7:58 ` Karthik Nayak
2016-11-17 18:35 ` Junio C Hamano
2016-11-18 7:33 ` Karthik Nayak
2016-11-18 8:19 ` Jacob Keller
2016-11-18 18:18 ` Junio C Hamano
2016-11-18 21:49 ` Jakub Narębski
2016-11-20 15:16 ` Karthik Nayak
2016-11-20 16:52 ` Karthik Nayak
2016-11-20 17:32 ` Junio C Hamano
2016-11-20 18:43 ` Jakub Narębski
2016-11-22 18:34 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 14/17] ref-filter: allow porcelain to translate messages in the output Karthik Nayak
2016-11-09 0:00 ` Jacob Keller
2016-11-18 22:46 ` Jakub Narębski
2016-11-20 15:33 ` Karthik Nayak
2016-11-21 8:41 ` Matthieu Moy
2016-11-22 18:33 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 15/17] branch, tag: use porcelain output Karthik Nayak
2016-11-09 0:01 ` Jacob Keller
2016-11-08 20:12 ` [PATCH v7 16/17] branch: use ref-filter printing APIs Karthik Nayak
2016-11-09 0:14 ` Jacob Keller
2016-11-14 19:23 ` Karthik Nayak
2016-11-15 1:36 ` Jacob Keller
2016-11-17 19:50 ` Junio C Hamano
2016-11-17 22:05 ` Junio C Hamano [this message]
2016-11-22 18:31 ` Karthik Nayak
2016-11-08 20:12 ` [PATCH v7 17/17] branch: implement '--format' option Karthik Nayak
2016-11-09 0:15 ` [PATCH v7 00/17] port branch.c to use ref-filter's printing options Jacob Keller
2016-11-14 19:24 ` Karthik Nayak
2016-11-15 20:43 ` Junio C Hamano
2016-11-15 20:57 ` Re* " Junio C Hamano
2016-11-16 15:31 ` Karthik Nayak
2016-11-18 23:31 ` Junio C Hamano
2016-11-20 7:08 ` Karthik Nayak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqa8cxoj7k.fsf@gitster.mtv.corp.google.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=jacob.keller@gmail.com \
--cc=karthik.188@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.