Re: [PATCH v2] mktag.c: improve verification of tagger field and tests

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Junio C Hamano <gitster@pobox.com>
To: Brandon Casey <casey@nrlssc.navy.mil>
Cc: Carlos Rica <jasampler@gmail.com>,
	Git Mailing List <git@vger.kernel.org>
Subject: Re: [PATCH v2] mktag.c: improve verification of tagger field and tests
Date: Mon, 31 Mar 2008 01:40:22 -0700	[thread overview]
Message-ID: <7vr6drl215.fsf@gitster.siamese.dyndns.org> (raw)
In-Reply-To: 47EBC844.3020602@nrlssc.navy.mil

Brandon Casey <casey@nrlssc.navy.mil> writes:

> @@ -97,11 +98,53 @@ static int verify_tag(char *buffer, unsigned long size)
>  	/* Verify the tagger line */
>  	tagger_line = tag_line;
>  
> -	if (memcmp(tagger_line, "tagger", 6) || (tagger_line[6] == '\n'))
> -		return error("char" PD_FMT ": could not find \"tagger\"", tagger_line - buffer);
> +	if (memcmp(tagger_line, "tagger ", 7) || (tagger_line[7] == '\n'))
> +		return error("char" PD_FMT ": could not find \"tagger \"",
> +			tagger_line - buffer);

You increment tagger_line by 7 after this step, so it might be a good idea
to make sure [7] != '\0', but does it make sense to compare it with '\n'
here?  I can see the original compared [6] with '\n', but I do not think
it makes sense to inherit it when you are "improving" the validation.

> +	/*
> +	 * Check for correct form for name and email
> +	 * i.e. " <" followed by "> " on _this_ line
> +	 */
> +	tagger_line += 7;
> +	if (!(lb = strstr(tagger_line, " <")) || !(rb = strstr(lb+2, "> ")) ||
> +		strchr(tagger_line, '\n') < rb)
> +		return error("char" PD_FMT ": malformed tagger",
> +			tagger_line - buffer);

The intention is 'on the line there must be " <" followed by something
followed by "> " before the end of line.'.  That's fine, but can the last
strchr() ever return NULL?

> +	if (lb == tagger_line)
> +		return error("char" PD_FMT ": missing tagger name",
> +			tagger_line - buffer);
> +
> +	/* timestamp */
> +	tagger_line = rb + 2;
> +	if (*tagger_line == ' ')
> +		return error("char" PD_FMT ": malformed tag timestamp",
> +			tagger_line - buffer);

'After "> ", there has to be the timestamp'.

> +	for (;;) {
> +		unsigned char c = *tagger_line++;
> +		if (c == ' ')
> +			break;
> +		if (isdigit(c))
> +			continue;
> +		return error("char" PD_FMT ": malformed tag timestamp",
> +			tagger_line - buffer);
> +	}

If the char immediately after "> " is ' ', it definitely is bogus, and you
want to make sure one or more digits, so the validation is correct but
feels a bit roundabout.

> +	/* timezone, 5 digits [+-]hhmm, max. 1400 */
> +	if (!((tagger_line[0] == '+' || tagger_line[0] == '-') &&
> +	      isdigit(tagger_line[1]) && isdigit(tagger_line[2]) &&
> +	      isdigit(tagger_line[3]) && isdigit(tagger_line[4]) &&
> +	      tagger_line[5] == '\n' && atoi(tagger_line+1) <= 1400))
> +		return error("char" PD_FMT ": malformed tag timezone",
> +			tagger_line - buffer);
> +	tagger_line += 6;

The open-coded strtoul() bothers me a bit, but it is not much longer nor
less readable than:

        (*tagger_line == '+' || *tagger_line == '-')
        && strtoul(tagger_line + 1, &ep, 10) <= 1400
        && ep - (tagger_line + 1) == 4
        && *ep == '\n'

so it probably is fine.

> +	/* Verify the blank line separating the header from the body */
> +	if (*tagger_line != '\n')
> +		return error("char" PD_FMT ": trailing garbage in tag header",
> +			tagger_line - buffer);

Having said all that, I'll queue this in 'next'; perhaps we can fix it up
real quick and merge it in 1.5.5.

next prev parent reply	other threads:[~2008-03-31  8:41 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1206490795-13247-1-git-send-email-casey@nrlssc.navy.mil>
2008-03-26  0:40 ` [PATCH] mktag.c: improve verification of tagger field and tests Brandon Casey
2008-03-26  0:44   ` Brandon Casey
2008-03-26 11:21   ` Carlos Rica
2008-03-26 16:26     ` Brandon Casey
2008-03-26 16:37       ` Brandon Casey
2008-03-26 16:45       ` Junio C Hamano
2008-03-26 21:03         ` Brandon Casey
2008-03-27 16:16           ` [PATCH v2] " Brandon Casey
2008-03-31  8:40             ` Junio C Hamano [this message]
2008-03-31 16:04               ` Brandon Casey
2008-03-31 23:25                 ` [PATCH] mktag.c: tweak validation of tagger field and adjust test script Brandon Casey
2008-04-01  5:39                   ` Junio C Hamano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7vr6drl215.fsf@gitster.siamese.dyndns.org \
    --to=gitster@pobox.com \
    --cc=casey@nrlssc.navy.mil \
    --cc=git@vger.kernel.org \
    --cc=jasampler@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).