From: Michael Haggerty <mhagger@alum.mit.edu>
To: Junio C Hamano <gitster@pobox.com>
Cc: Brad King <brad.king@kitware.com>,
Johan Herland <johan@herland.net>, Jeff King <peff@peff.net>,
Vicent Marti <tanoku@gmail.com>,
git@vger.kernel.org
Subject: Re: [PATCH v2 03/27] parse_arg(): Really test that argument is properly terminated
Date: Tue, 01 Apr 2014 00:11:00 +0200 [thread overview]
Message-ID: <5339E7F4.1090805@alum.mit.edu> (raw)
In-Reply-To: <xmqqlhvq3vaj.fsf@gitster.dls.corp.google.com>
On 03/31/2014 11:36 PM, Junio C Hamano wrote:
> Michael Haggerty <mhagger@alum.mit.edu> writes:
>
>> Test that the argument is properly terminated by either whitespace or
>> a NUL character, even if it is quoted, to be consistent with the
>> non-quoted case. Adjust the tests to expect the new error message.
>> Add a docstring to the function, incorporating the comments that were
>> formerly within the function plus some added information.
>>
>> Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
>> ---
>> builtin/update-ref.c | 20 +++++++++++++++-----
>> t/t1400-update-ref.sh | 4 ++--
>> 2 files changed, 17 insertions(+), 7 deletions(-)
>>
>> diff --git a/builtin/update-ref.c b/builtin/update-ref.c
>> index 1292cfe..02b5f95 100644
>> --- a/builtin/update-ref.c
>> +++ b/builtin/update-ref.c
>> @@ -62,16 +62,26 @@ static void update_store_old_sha1(struct ref_update *update,
>> update->have_old = *oldvalue || line_termination;
>> }
>>
>> +/*
>> + * Parse one whitespace- or NUL-terminated, possibly C-quoted argument
>> + * and append the result to arg. Return a pointer to the terminator.
>> + * Die if there is an error in how the argument is C-quoted. This
>> + * function is only used if not -z.
>> + */
>> static const char *parse_arg(const char *next, struct strbuf *arg)
>> {
>> - /* Parse SP-terminated, possibly C-quoted argument */
>> - if (*next != '"')
>> + if (*next == '"') {
>> + const char *orig = next;
>> +
>> + if (unquote_c_style(arg, next, &next))
>> + die("badly quoted argument: %s", orig);
>> + if (*next && !isspace(*next))
>> + die("unexpected character after quoted argument: %s", orig);
>> + } else {
>> while (*next && !isspace(*next))
>> strbuf_addch(arg, *next++);
>> - else if (unquote_c_style(arg, next, &next))
>> - die("badly quoted argument: %s", next);
>> + }
>>
>> - /* Return position after the argument */
>> return next;
>> }
>>
>> diff --git a/t/t1400-update-ref.sh b/t/t1400-update-ref.sh
>> index 29391c6..774f8c5 100755
>> --- a/t/t1400-update-ref.sh
>> +++ b/t/t1400-update-ref.sh
>> @@ -356,10 +356,10 @@ test_expect_success 'stdin fails on badly quoted input' '
>> grep "fatal: badly quoted argument: \\\"master" err
>> '
>>
>> -test_expect_success 'stdin fails on arguments not separated by space' '
>> +test_expect_success 'stdin fails on junk after quoted argument' '
>> echo "create \"$a\"master" >stdin &&
>> test_must_fail git update-ref --stdin <stdin 2>err &&
>> - grep "fatal: expected SP but got: master" err
>> + grep "fatal: unexpected character after quoted argument: \\\"$a\\\"master" err
>> '
>
> Interesting.
>
> I would have expected that "We used to check only one of the two
> codepaths and the other was loose, fix it" to be accompanied by "So
> here is an _addition_ to the test suite to validate the other case
> that used to be loose, now tightened", not "We update one existing
> case". The test before and after the patch is about a c-quoted
> string, so I am not sure if we are still testing the right thing.
>
> The code in update-ref.c after the patch does look reasonable,
> though.
The old parse_arg(), when fed an argument
"refs/heads/a"master
parsed 'refs/heads/a' off of the front of the argument and considered
itself successful. It was only when parse_next_arg() tried to parse the
*next* argument that a problem was noticed. But in fact, the definition
of the input format requires arguments to be terminated by SP or NUL, so
*this* argument is already erroneous and parse_arg() should diagnose the
problem.
The point of this patch is to move the error detection for C-quoted
arguments that have trailing junk to the parse_arg() call for the broken
argument and to make the error message more descriptive of the situation.
There is no corresponding error case for non-C-quoted arguments, because
the end of the argument is *by definition* a space or NUL, so there is
no way to insert other junk between the "end" of the argument and the
argument terminator.
Michael
--
Michael Haggerty
mhagger@alum.mit.edu
http://softwareswirl.blogspot.com/
next prev parent reply other threads:[~2014-03-31 22:11 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-24 17:56 [PATCH v2 00/27] Clean up update-refs --stdin and implement ref_transaction Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 01/27] t1400: Fix name and expected result of one test Michael Haggerty
2014-03-31 21:30 ` Junio C Hamano
2014-03-31 21:49 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 02/27] t1400: Provide more usual input to the command Michael Haggerty
2014-03-31 21:28 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 03/27] parse_arg(): Really test that argument is properly terminated Michael Haggerty
2014-03-31 21:36 ` Junio C Hamano
2014-03-31 22:11 ` Michael Haggerty [this message]
2014-03-24 17:56 ` [PATCH v2 04/27] t1400: Add some more tests involving quoted arguments Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 05/27] refs.h: Rename the action_on_err constants Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 06/27] update_refs(): Fix constness Michael Haggerty
2014-03-31 21:40 ` Junio C Hamano
2014-03-31 22:16 ` Michael Haggerty
2014-03-31 22:38 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 07/27] update-ref --stdin: Read the whole input at once Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 08/27] parse_cmd_verify(): Copy old_sha1 instead of evaluating <oldvalue> twice Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 09/27] update-ref.c: Extract a new function, parse_refname() Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 10/27] update-ref --stdin: Improve error messages for invalid values Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 11/27] update-ref --stdin: Make error messages more consistent Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 12/27] update-ref --stdin: Simplify error messages for missing oldvalues Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 13/27] t1400: Test that stdin -z update treats empty <newvalue> as zeros Michael Haggerty
2014-03-31 21:48 ` Junio C Hamano
2014-03-31 22:20 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 14/27] update-ref.c: Extract a new function, parse_next_sha1() Michael Haggerty
2014-03-26 18:39 ` Brad King
2014-03-24 17:56 ` [PATCH v2 15/27] update-ref --stdin -z: Deprecate interpreting the empty string as zeros Michael Haggerty
2014-03-31 21:49 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 16/27] t1400: Test one mistake at a time Michael Haggerty
2014-03-26 18:39 ` Brad King
2014-03-31 21:50 ` Junio C Hamano
2014-03-31 22:32 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 17/27] update-ref --stdin: Improve the error message for unexpected EOF Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 18/27] update-ref --stdin: Harmonize error messages Michael Haggerty
2014-03-31 21:51 ` Junio C Hamano
2014-03-31 22:37 ` Michael Haggerty
2014-04-01 9:29 ` Michael Haggerty
2014-04-02 16:38 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 19/27] refs: Add a concept of a reference transaction Michael Haggerty
2014-03-26 18:39 ` Brad King
2014-03-26 21:42 ` Michael Haggerty
2014-04-01 19:39 ` Junio C Hamano
2014-04-02 4:57 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 20/27] update-ref --stdin: Reimplement using reference transactions Michael Haggerty
2014-04-01 19:46 ` Junio C Hamano
2014-04-02 5:03 ` Michael Haggerty
2014-04-03 15:57 ` Junio C Hamano
2014-04-04 5:02 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 21/27] refs: Remove API function update_refs() Michael Haggerty
2014-04-01 19:46 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 22/27] struct ref_update: Rename field "ref_name" to "refname" Michael Haggerty
2014-04-01 19:53 ` Junio C Hamano
2014-04-02 5:11 ` Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 23/27] struct ref_update: Store refname as a FLEX_ARRAY Michael Haggerty
2014-04-01 19:54 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 24/27] ref_transaction_commit(): Introduce temporary variables Michael Haggerty
2014-04-01 19:26 ` Junio C Hamano
2014-03-24 17:56 ` [PATCH v2 25/27] struct ref_update: Add a lock member Michael Haggerty
2014-03-24 17:56 ` [PATCH v2 26/27] struct ref_update: Add type field Michael Haggerty
2014-04-01 20:03 ` Junio C Hamano
2014-04-02 10:13 ` Michael Haggerty
2014-04-02 17:44 ` Junio C Hamano
2014-03-24 17:57 ` [PATCH v2 27/27] ref_transaction_commit(): Work with transaction->updates in place Michael Haggerty
2014-03-26 18:39 ` [PATCH v2 00/27] Clean up update-refs --stdin and implement ref_transaction Brad King
2014-03-26 21:47 ` Michael Haggerty
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5339E7F4.1090805@alum.mit.edu \
--to=mhagger@alum.mit.edu \
--cc=brad.king@kitware.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=johan@herland.net \
--cc=peff@peff.net \
--cc=tanoku@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).