* [PATCH] builtin-gc.c: guard config parser from value=NULL
@ 2008-02-09 1:12 Govind Salinas
0 siblings, 0 replies; 2+ messages in thread
From: Govind Salinas @ 2008-02-09 1:12 UTC (permalink / raw)
To: Git Mailing List; +Cc: Junio C Hamano
Signed-off-by: Govind Salinas <blix@sophiasuchtig.com>
---
builtin-gc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/builtin-gc.c b/builtin-gc.c
index ac34788..ad4a75e 100644
--- a/builtin-gc.c
+++ b/builtin-gc.c
@@ -37,7 +37,7 @@ static const char *argv_rerere[] = {"rerere", "gc", NULL};
static int gc_config(const char *var, const char *value)
{
if (!strcmp(var, "gc.packrefs")) {
- if (!strcmp(value, "notbare"))
+ if (value && !strcmp(value, "notbare"))
pack_refs = -1;
else
pack_refs = git_config_bool(var, value);
--
1.5.4.36.g9af61
^ permalink raw reply related [flat|nested] 2+ messages in thread* [Janitors] value could be NULL in config parser
@ 2008-02-08 6:43 Junio C Hamano
2008-02-08 14:26 ` [PATCH] builtin-gc.c: guard config parser from value=NULL Miklos Vajna
0 siblings, 1 reply; 2+ messages in thread
From: Junio C Hamano @ 2008-02-08 6:43 UTC (permalink / raw)
To: git
If somebody wants to dip his or her toe in git hacking, and is
tempted to send in a "clean up" patch (e.g. whitespace, coding
style) that does not really _fix_ anything, please don't.
I have a task of similar complexity (meaning, reasonably easy)
that is much more useful and appreciated than clean-up patches
for you.
The callback functions that are passed to git_config() need to
be audited so that they do not barf when given NULL. Currently,
many of them are not safe.
A callback function of git_config() is called when the command
reads value from .git/config and friends. The function takes
two parameters, var and value. var is never NULL and it is the
name of the configuration variable found in the file being
read. value could be either string or NULL.
A NULL value is boolean "true". For example, on MS-DOS, you may
have something like this:
[core]
autocrlf
and your callback will be called with var = "core.autocrlf" and
value = NULL in such a case.
If you want to fix them (you do not have to do all of them, and
if you would like to help, please make one patch per function
fixed), the procedure is:
(1) Find calling sites for git_config(). For example, we find
one in archive-tar.c::write_tar_archive().
int write_tar_archive(struct archiver_args *args)
{
int plen = args->base ? strlen(args->base) : 0;
git_config(git_tar_config);
archive_time = args->time;
verbose = args->verbose;
...
(2) Look at the function that is passed to git_config().
static int git_tar_config(const char *var, const char *value)
{
if (!strcmp(var, "tar.umask")) {
if (!strcmp(value, "user")) {
tar_umask = umask(0);
umask(tar_umask);
} else {
tar_umask = git_config_int(var, value);
}
return 0;
}
return git_default_config(var, value);
}
(3) Let's fix it. If the user's configuration has:
[tar]
umask
it is an illegal configuration, but the code above does not
check for NULL, and the second strcmp() would fail. If we
guard that strcmp() with a check against NULL, we would be
Ok. git_config_int() will correctly barf telling the user
that "tar.umask" configuration is wrong.
(4) Then send in a patch. Again, one patch per fixed function,
please. The message may look like this:
-- >8 --
[PATCH] archive-tar.c: guard config parser from value=NULL
Signed-off-by: A U Thor <author@example.com>
archive-tar.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/archive-tar.c b/archive-tar.c
index e1bced5..30aa2e2 100644
--- a/archive-tar.c
+++ b/archive-tar.c
@@ -222,7 +222,7 @@ static void write_global_extended_header(const unsigned char *sha1)
static int git_tar_config(const char *var, const char *value)
{
if (!strcmp(var, "tar.umask")) {
- if (!strcmp(value, "user")) {
+ if (value && !strcmp(value, "user")) {
tar_umask = umask(0);
umask(tar_umask);
} else {
^ permalink raw reply related [flat|nested] 2+ messages in thread* [PATCH] builtin-gc.c: guard config parser from value=NULL
2008-02-08 6:43 [Janitors] value could be NULL in config parser Junio C Hamano
@ 2008-02-08 14:26 ` Miklos Vajna
0 siblings, 0 replies; 2+ messages in thread
From: Miklos Vajna @ 2008-02-08 14:26 UTC (permalink / raw)
To: Junio C Hamano; +Cc: git
Signed-off-by: Miklos Vajna <vmiklos@frugalware.org>
---
builtin-gc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/builtin-gc.c b/builtin-gc.c
index ac34788..ad4a75e 100644
--- a/builtin-gc.c
+++ b/builtin-gc.c
@@ -37,7 +37,7 @@ static const char *argv_rerere[] = {"rerere", "gc", NULL};
static int gc_config(const char *var, const char *value)
{
if (!strcmp(var, "gc.packrefs")) {
- if (!strcmp(value, "notbare"))
+ if (value && !strcmp(value, "notbare"))
pack_refs = -1;
else
pack_refs = git_config_bool(var, value);
--
1.5.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-02-09 1:13 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-02-09 1:12 [PATCH] builtin-gc.c: guard config parser from value=NULL Govind Salinas
-- strict thread matches above, loose matches on Subject: below --
2008-02-08 6:43 [Janitors] value could be NULL in config parser Junio C Hamano
2008-02-08 14:26 ` [PATCH] builtin-gc.c: guard config parser from value=NULL Miklos Vajna
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).