From: Johan Herland <johan@herland.net>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
Johannes Schindelin <Johannes.Schindelin@gmx.de>
Subject: [PATCH 07/21] Copy the remaining differences from verify_tag() to parse_tag_buffer_internal()
Date: Sat, 09 Jun 2007 02:15:31 +0200 [thread overview]
Message-ID: <200706090215.31731.johan@herland.net> (raw)
In-Reply-To: <200706090210.36270.johan@herland.net>
Rename parse_tag_buffer_internal() to parse_and_verify_tag_buffer() since
it now does tag object verification as well.
Add a new parameter 'thorough_verify' for turning on/off the extra code
to be run when verifying tag objects (as opposed to general parsing).
verify_tag() and parse_and_verify_tag_buffer() are now functionally
equivalent, provided that parse_and_verify_tag_buffer() is called with
item == NULL and thorough_verification != 0.
Signed-off-by: Johan Herland <johan@herland.net>
---
tag.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 48 insertions(+), 2 deletions(-)
diff --git a/tag.c b/tag.c
index b134967..3896e45 100644
--- a/tag.c
+++ b/tag.c
@@ -33,7 +33,26 @@ struct tag *lookup_tag(const unsigned char *sha1)
return (struct tag *) obj;
}
-static int parse_tag_buffer_internal(struct tag *item, const char *data, const unsigned long size)
+/*
+ * We refuse to tag something we can't verify. Just because.
+ */
+static int verify_object(unsigned char *sha1, const char *expected_type)
+{
+ int ret = -1;
+ enum object_type type;
+ unsigned long size;
+ void *buffer = read_sha1_file(sha1, &type, &size);
+
+ if (buffer) {
+ if (type == type_from_string(expected_type))
+ ret = check_sha1_signature(sha1, buffer, size, expected_type);
+ free(buffer);
+ }
+ return ret;
+}
+
+static int parse_and_verify_tag_buffer(struct tag *item,
+ const char *data, const unsigned long size, int thorough_verify)
{
#ifdef NO_C99_FORMAT
#define PD_FMT "%d"
@@ -79,6 +98,10 @@ static int parse_tag_buffer_internal(struct tag *item, const char *data, const u
tagger_line = strchr(tag_line, '\n');
if (!tagger_line++)
return error("char" PD_FMT ": could not find next \"\\n\"", tag_line - data);
+ if (thorough_verify) {
+ if (memcmp(tagger_line, "tagger ", 7) || (tagger_line[7] == '\n'))
+ return error("char" PD_FMT ": could not find \"tagger\"", tagger_line - data);
+ }
/* Get the actual type */
type_len = tag_line - type_line - strlen("type \n");
@@ -87,6 +110,29 @@ static int parse_tag_buffer_internal(struct tag *item, const char *data, const u
memcpy(type, type_line + 5, type_len);
type[type_len] = '\0';
+ if (thorough_verify) {
+ unsigned long i;
+
+ /* Verify that the object matches */
+ if (verify_object(sha1, type))
+ return error("char%d: could not verify object %s", 7, sha1_to_hex(sha1));
+
+ /* Verify the tag-name: we don't allow control characters or spaces in it */
+ for (i = 4;;) {
+ unsigned char c = tag_line[i++];
+ if (c == '\n')
+ break;
+ if (c > ' ')
+ continue;
+ return error("char" PD_FMT ": could not verify tag name", tag_line + i - data);
+ }
+
+ /* Verify the tagger line */
+ /* TODO: check for committer/tagger info */
+
+ /* The actual stuff afterwards we don't care about.. */
+ }
+
if (item) {
tag_len = tagger_line - tag_line - strlen("tag \n");
item->tag = xmalloc(tag_len + 1);
@@ -120,7 +166,7 @@ static int parse_tag_buffer_internal(struct tag *item, const char *data, const u
int parse_tag_buffer(struct tag *item, void *data, unsigned long size)
{
- return parse_tag_buffer_internal(item, (const char *) data, size);
+ return parse_and_verify_tag_buffer(item, (const char *) data, size, 0);
}
int parse_tag(struct tag *item)
--
1.5.2
next prev parent reply other threads:[~2007-06-09 0:15 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-07 22:50 error: char103: premature end of data Johannes Schindelin
2007-06-07 23:05 ` Johan Herland
2007-06-07 23:28 ` Johannes Schindelin
2007-06-07 23:47 ` Johan Herland
2007-06-07 23:55 ` Johannes Schindelin
2007-06-08 0:08 ` [PATCH] Fix failed tag parsing when tag object has no body/message (and thus ends with a single '\n') Johan Herland
2007-06-08 6:05 ` Junio C Hamano
2007-06-08 8:18 ` Johan Herland
2007-06-08 16:06 ` Junio C Hamano
2007-06-09 0:10 ` [PATCH 0/21] Refactor the tag object (take 2) Johan Herland
2007-06-09 0:12 ` [PATCH 01/21] Remove unnecessary code and comments on non-existing 8kB tag object restriction Johan Herland
2007-06-09 0:13 ` [PATCH 02/21] Return error messages when parsing fails Johan Herland
2007-06-09 18:01 ` Junio C Hamano
2007-06-09 18:28 ` Johan Herland
2007-06-09 19:42 ` [PATCH] Silence error messages unless 'thorough_verify' is set Johan Herland
2007-06-10 6:48 ` Johannes Schindelin
2007-06-10 8:15 ` Junio C Hamano
2007-06-10 10:08 ` Johannes Schindelin
2007-06-10 12:10 ` Johan Herland
2007-06-10 18:51 ` Johannes Schindelin
2007-06-10 19:16 ` Johan Herland
2007-06-10 11:47 ` [PATCH 0/4] Restructure the tag object Johan Herland
2007-06-10 11:49 ` [PATCH 1/4] Make tag names (i.e. the tag object's "tag" line) optional Johan Herland
2007-06-10 22:46 ` Junio C Hamano
2007-06-10 23:01 ` Johan Herland
2007-06-11 1:11 ` Junio C Hamano
2007-06-10 11:50 ` [PATCH 2/4] Introduce optional "keywords" on tag objects Johan Herland
2007-06-10 18:42 ` Johannes Schindelin
2007-06-10 19:04 ` Johan Herland
2007-06-10 21:43 ` Junio C Hamano
2007-06-10 23:16 ` Johan Herland
2007-06-11 1:01 ` Junio C Hamano
2007-06-10 11:50 ` [PATCH 3/4] Documentation/git-mktag: Document the changes in tag object structure Johan Herland
2007-06-10 11:50 ` [PATCH 4/4] git-mktag tests: Expand on mktag selftests according to the new " Johan Herland
2007-06-10 18:35 ` [PATCH 0/4] Restructure the tag object Johannes Schindelin
2007-06-09 0:13 ` [PATCH 03/21] Refactoring to make verify_tag() and parse_tag_buffer() more similar Johan Herland
2007-06-09 2:54 ` Johannes Schindelin
2007-06-09 10:49 ` Johan Herland
2007-06-09 0:14 ` [PATCH 04/21] Refactor verification of "tagger" line to be more similar to verification of "type" and "tagger" lines Johan Herland
2007-06-09 18:01 ` Junio C Hamano
2007-06-10 7:49 ` Johannes Schindelin
2007-06-09 0:14 ` [PATCH 05/21] Make parse_tag_buffer_internal() handle item == NULL Johan Herland
2007-06-09 18:01 ` Junio C Hamano
2007-06-10 0:45 ` [PATCH] Move check for already parsed tag object to parse_tag_buffer() wrapper function Johan Herland
2007-06-10 8:06 ` [PATCH 05/21] Make parse_tag_buffer_internal() handle item == NULL Johannes Schindelin
2007-06-09 0:15 ` [PATCH 06/21] Refactor tag name verification loop to use index 'i' instead of incrementing pointer 'tag_line' Johan Herland
2007-06-09 21:26 ` Alex Riesen
2007-06-09 21:34 ` Johan Herland
2007-06-10 8:14 ` Johannes Schindelin
2007-06-10 9:01 ` Johannes Schindelin
2007-06-09 0:15 ` Johan Herland [this message]
2007-06-09 21:31 ` [PATCH 07/21] Copy the remaining differences from verify_tag() to parse_tag_buffer_internal() Alex Riesen
2007-06-09 21:39 ` Johan Herland
2007-06-10 8:22 ` Johannes Schindelin
2007-06-09 0:15 ` [PATCH 08/21] Switch from verify_tag() to parse_and_verify_tag_buffer() for verifying tag objects in git-mktag Johan Herland
2007-06-09 0:16 ` [PATCH 09/21] Remove unneeded code from mktag.c Johan Herland
2007-06-09 21:39 ` Alex Riesen
2007-06-09 21:42 ` Johan Herland
2007-06-09 0:16 ` [PATCH 10/21] Free mktag's buffer before dying Johan Herland
2007-06-09 21:37 ` Alex Riesen
2007-06-09 21:46 ` Johan Herland
2007-06-09 22:00 ` Alex Riesen
2007-06-09 22:05 ` Johan Herland
2007-06-10 8:38 ` Johannes Schindelin
2007-06-09 0:17 ` [PATCH 11/21] Rewrite error messages; fix up line lengths Johan Herland
2007-06-10 8:38 ` Johannes Schindelin
2007-06-09 0:17 ` [PATCH 12/21] Use prefixcmp() instead of memcmp() for cleaner code with less magic numbers Johan Herland
2007-06-09 21:42 ` Alex Riesen
2007-06-09 21:47 ` Johan Herland
2007-06-10 8:41 ` Johannes Schindelin
2007-06-09 0:18 ` [PATCH 13/21] Collect skipping of header field names and calculation of line lengths in one place Johan Herland
2007-06-10 8:45 ` Johannes Schindelin
2007-06-09 0:18 ` [PATCH 14/21] Add proper parsing of "tagger" line, but only when thorough_verify is set Johan Herland
2007-06-10 8:52 ` Johannes Schindelin
2007-06-10 8:58 ` Johannes Schindelin
2007-06-09 0:19 ` [PATCH 15/21] Make tag names (i.e. the tag object's "tag" line) optional Johan Herland
2007-06-10 9:07 ` Johannes Schindelin
2007-06-09 0:19 ` [PATCH 16/21] Introduce optional "keywords" on tag objects Johan Herland
2007-06-09 21:52 ` Alex Riesen
2007-06-09 22:00 ` Johan Herland
2007-06-09 22:36 ` [PATCH] Use xstrndup() instead of xmalloc() and memcpy(); fix buglet with generating default item->keywords Johan Herland
2007-06-10 0:05 ` [PATCH 16/21] Introduce optional "keywords" on tag objects Junio C Hamano
2007-06-10 0:35 ` [PATCH] Fail if tag name and keywords is not within "printable ASCII" Johan Herland
2007-06-10 1:33 ` Junio C Hamano
2007-06-09 0:20 ` [PATCH 17/21] Update comments on tag objects in mktag.c Johan Herland
2007-06-09 0:20 ` [PATCH 18/21] git-fsck: Do thorough verification of tag objects Johan Herland
2007-06-09 0:20 ` [PATCH 19/21] Documentation/git-mktag: Document the changes in tag object structure Johan Herland
2007-06-09 0:21 ` [PATCH 20/21] git-mktag tests: Expand on mktag selftests according to the new " Johan Herland
2007-06-09 0:21 ` [PATCH 21/21] Add fsck_verify_ref_to_tag_object() to verify that refname matches name stored in tag object Johan Herland
2007-06-07 23:11 ` error: char103: premature end of data Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200706090215.31731.johan@herland.net \
--to=johan@herland.net \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).