undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f11f76b2bb
git-commit-vandalism/builtin/mktag.c

175 lines
5.2 KiB
C
Raw Normal View History

Fix sparse warnings Fix warnings from 'make check'. - These files don't include 'builtin.h' causing sparse to complain that cmd_* isn't declared: builtin/clone.c:364, builtin/fetch-pack.c:797, builtin/fmt-merge-msg.c:34, builtin/hash-object.c:78, builtin/merge-index.c:69, builtin/merge-recursive.c:22 builtin/merge-tree.c:341, builtin/mktag.c:156, builtin/notes.c:426 builtin/notes.c:822, builtin/pack-redundant.c:596, builtin/pack-refs.c:10, builtin/patch-id.c:60, builtin/patch-id.c:149, builtin/remote.c:1512, builtin/remote-ext.c:240, builtin/remote-fd.c:53, builtin/reset.c:236, builtin/send-pack.c:384, builtin/unpack-file.c:25, builtin/var.c:75 - These files have symbols which should be marked static since they're only file scope: submodule.c:12, diff.c:631, replace_object.c:92, submodule.c:13, submodule.c:14, trace.c:78, transport.c:195, transport-helper.c:79, unpack-trees.c:19, url.c:3, url.c:18, url.c:104, url.c:117, url.c:123, url.c:129, url.c:136, thread-utils.c:21, thread-utils.c:48 - These files redeclare symbols to be different types: builtin/index-pack.c:210, parse-options.c:564, parse-options.c:571, usage.c:49, usage.c:58, usage.c:63, usage.c:72 - These files use a literal integer 0 when they really should use a NULL pointer: daemon.c:663, fast-import.c:2942, imap-send.c:1072, notes-merge.c:362 While we're in the area, clean up some unused #includes in builtin files (mostly exec_cmd.h). Signed-off-by: Stephen Boyd <bebarino@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-22 08:51:05 +01:00
#include "builtin.h"
Use blob_, commit_, tag_, and tree_type throughout. This replaces occurences of "blob", "commit", "tag", and "tree", where they're really used as type specifiers, which we already have defined global constants for. Signed-off-by: Peter Eriksen <s022018@student.dtu.dk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-04-02 14:44:09 +02:00
#include "tag.h"
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
/*
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
* A signature file has a very simple fixed format: four lines
* of "object <sha1>" + "type <typename>" + "tag <tagname>" +
* "tagger <committer>", followed by a blank line, a free-form tag
* message and a signature block that git itself doesn't care about,
* but that can be verified with gpg or similar.
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
*
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
* The first four lines are guaranteed to be at least 83 bytes:
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
* "object <sha1>\n" is 48 bytes, "type tag\n" at 9 bytes is the
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
* shortest possible type-line, "tag .\n" at 6 bytes is the shortest
* single-character-tag line, and "tagger . <> 0 +0000\n" at 20 bytes is
* the shortest possible tagger-line.
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
*/
/*
* We refuse to tag something we can't verify. Just because.
*/
mktag: call "check_sha1_signature" with the replacement sha1 Otherwise we get a "sha1 mismatch" error for replaced objects. Note that I am not sure at all that this is a good change. It may be that we should just refuse to tag a replaced object. But in this case we should probably give a meaningfull error message instead of "sha1 mismatch". Signed-off-by: Christian Couder <chriscool@tuxfamily.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-01-23 10:07:26 +01:00
static int verify_object(const unsigned char *sha1, const char *expected_type)
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
{
int ret = -1;
convert object type handling from a string to a number We currently have two parallel notation for dealing with object types in the code: a string and a numerical value. One of them is obviously redundent, and the most used one requires more stack space and a bunch of strcmp() all over the place. This is an initial step for the removal of the version using a char array found in object reading code paths. The patch is unfortunately large but there is no sane way to split it in smaller parts without breaking the system. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-02-26 20:55:59 +01:00
enum object_type type;
[PATCH] delta read This makes the core code aware of delta objects and undeltafy them as needed. The convention is to use read_sha1_file() to have undeltafication done automatically (most users do that already so this is transparent). If the delta object itself has to be accessed then it must be done through map_sha1_file() and unpack_sha1_file(). In that context mktag.c has been switched to read_sha1_file() as there is no reason to do the full map+unpack manually. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-20 22:57:28 +02:00
unsigned long size;
read_sha1_file(): get rid of read_sha1_file_repl() madness Most callers want to silently get a replacement object, and they do not care what the real name of the replacement object is. Worse yet, no sane interface to return the underlying object without replacement is provided. Remove the function and make only the few callers that want the name of the replacement object find it themselves. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-05-15 21:54:52 +02:00
void *buffer = read_sha1_file(sha1, &type, &size);
const unsigned char *repl = lookup_replace_object(sha1);
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
[PATCH] delta read This makes the core code aware of delta objects and undeltafy them as needed. The convention is to use read_sha1_file() to have undeltafication done automatically (most users do that already so this is transparent). If the delta object itself has to be accessed then it must be done through map_sha1_file() and unpack_sha1_file(). In that context mktag.c has been switched to read_sha1_file() as there is no reason to do the full map+unpack manually. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-20 22:57:28 +02:00
if (buffer) {
convert object type handling from a string to a number We currently have two parallel notation for dealing with object types in the code: a string and a numerical value. One of them is obviously redundent, and the most used one requires more stack space and a bunch of strcmp() all over the place. This is an initial step for the removal of the version using a char array found in object reading code paths. The patch is unfortunately large but there is no sane way to split it in smaller parts without breaking the system. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-02-26 20:55:59 +01:00
if (type == type_from_string(expected_type))
mktag: call "check_sha1_signature" with the replacement sha1 Otherwise we get a "sha1 mismatch" error for replaced objects. Note that I am not sure at all that this is a good change. It may be that we should just refuse to tag a replaced object. But in this case we should probably give a meaningfull error message instead of "sha1 mismatch". Signed-off-by: Christian Couder <chriscool@tuxfamily.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-01-23 10:07:26 +01:00
ret = check_sha1_signature(repl, buffer, size, expected_type);
[PATCH] delta read This makes the core code aware of delta objects and undeltafy them as needed. The convention is to use read_sha1_file() to have undeltafication done automatically (most users do that already so this is transparent). If the delta object itself has to be accessed then it must be done through map_sha1_file() and unpack_sha1_file(). In that context mktag.c has been switched to read_sha1_file() as there is no reason to do the full map+unpack manually. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-20 22:57:28 +02:00
free(buffer);
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
}
return ret;
}
static int verify_tag(char *buffer, unsigned long size)
{
int typelen;
char type[20];
unsigned char sha1[20];
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
const char *object, *type_line, *tag_line, *tagger_line, *lb, *rb;
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
size_t len;
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
if (size < 84)
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
return error("wanna fool me ? you obviously got the size wrong !");
add more informative error messages to git-mktag Signed-off-by: Björn Engelmann <BjEngelmann@gmx.de> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-05-23 20:20:09 +02:00
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
buffer[size] = 0;
/* Verify object line */
object = buffer;
if (memcmp(object, "object ", 7))
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
return error("char%d: does not start with \"object \"", 0);
add more informative error messages to git-mktag Signed-off-by: Björn Engelmann <BjEngelmann@gmx.de> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-05-23 20:20:09 +02:00
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
if (get_sha1_hex(object + 7, sha1))
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
return error("char%d: could not get SHA1 hash", 7);
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
/* Verify type line */
type_line = object + 48;
if (memcmp(type_line - 1, "\ntype ", 6))
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
return error("char%d: could not find \"\\ntype \"", 47);
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
/* Verify tag-line */
tag_line = strchr(type_line, '\n');
if (!tag_line)
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": could not find next \"\\n\"",
(uintmax_t) (type_line - buffer));
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
tag_line++;
if (memcmp(tag_line, "tag ", 4) || tag_line[4] == '\n')
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": no \"tag \" found",
(uintmax_t) (tag_line - buffer));
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
/* Get the actual type */
typelen = tag_line - type_line - strlen("type \n");
if (typelen >= sizeof(type))
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": type too long",
(uintmax_t) (type_line+5 - buffer));
add more informative error messages to git-mktag Signed-off-by: Björn Engelmann <BjEngelmann@gmx.de> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-05-23 20:20:09 +02:00
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
memcpy(type, type_line+5, typelen);
type[typelen] = 0;
/* Verify that the object matches */
if (verify_object(sha1, type))
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
return error("char%d: could not verify object %s", 7, sha1_to_hex(sha1));
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
/* Verify the tag-name: we don't allow control characters or spaces in it */
tag_line += 4;
for (;;) {
unsigned char c = *tag_line++;
if (c == '\n')
break;
if (c > ' ')
continue;
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": could not verify tag name",
(uintmax_t) (tag_line - buffer));
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
}
[PATCH] Update tags to record who made them And finally what all of this has been leading up to. The 2 line code change to record who made a tag, and the 8 line code change to check that we recorded the tag. Gosh the error checking is always so much bigger than the code :) Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-15 03:02:10 +02:00
/* Verify the tagger line */
tagger_line = tag_line;
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
if (memcmp(tagger_line, "tagger ", 7))
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": could not find \"tagger \"",
(uintmax_t) (tagger_line - buffer));
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
/*
* Check for correct form for name and email
* i.e. " <" followed by "> " on _this_ line
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
* No angle brackets within the name or email address fields.
* No spaces within the email address field.
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
*/
tagger_line += 7;
if (!(lb = strstr(tagger_line, " <")) || !(rb = strstr(lb+2, "> ")) ||
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
strpbrk(tagger_line, "<>\n") != lb+1 ||
strpbrk(lb+2, "><\n ") != rb)
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": malformed tagger field",
(uintmax_t) (tagger_line - buffer));
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
/* Check for author name, at least one character, space is acceptable */
if (lb == tagger_line)
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": missing tagger name",
(uintmax_t) (tagger_line - buffer));
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
/* timestamp, 1 or more digits followed by space */
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
tagger_line = rb + 2;
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
if (!(len = strspn(tagger_line, "0123456789")))
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": missing tag timestamp",
(uintmax_t) (tagger_line - buffer));
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
tagger_line += len;
if (*tagger_line != ' ')
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": malformed tag timestamp",
(uintmax_t) (tagger_line - buffer));
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
tagger_line++;
New tests and en-passant modifications to mktag. These changes were originally part of the next patch, but have been split out since they were peripheral to the main purpose of that patch. - update comment describing the signature format to reflect the current code. - remove trailing \n in calls to error(), since a \n is already provided by error(). - remove redundant call to get_sha1_hex(). - call sha1_to_hex(sha1) to convert to ascii, rather than attempting to print the raw sha1. The new tests provide a regression suite to support the modifications to git-mktag in this and the next patch. Signed-off-by: Ramsay Allan Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-29 19:15:47 +02:00
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
/* timezone, 5 digits [+-]hhmm, max. 1400 */
if (!((tagger_line[0] == '+' || tagger_line[0] == '-') &&
mktag.c: tweak validation of tagger field and adjust test script Update the verify_tag() function to remove an unnecessary test, and add additional check for angle brackets in the name and email field, and spaces in the email field. The timestamp and timezone sections are made more straight forward by using strspn(). Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-01 01:25:23 +02:00
strspn(tagger_line+1, "0123456789") == 4 &&
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
tagger_line[5] == '\n' && atoi(tagger_line+1) <= 1400))
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": malformed tag timezone",
(uintmax_t) (tagger_line - buffer));
mktag.c: improve verification of tagger field and tests Since nearly its birth, git's tags have included a "tagger" field which describes the name of tagger, email of tagger, and date and time of tagging. But, this field was only loosely tested by git-mktag. Provide some thorough testing for this field and also ensure that the tag header is separated from the tag body by an empty line to reduce the convenience of creating a flawed tag. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-27 17:16:04 +01:00
tagger_line += 6;
/* Verify the blank line separating the header from the body */
if (*tagger_line != '\n')
mktag: avoid %td in format string Since v1.7.0-rc0~34 (make "mktag" a built-in, 2010-01-22), git mktag uses the C99-style %td format to print ptrdiff_t values. It falls back to %d when NO_C99_FORMAT is set, on the assumption that pre-C99 systems probably are using 32-bit pointers. But many modern systems are 64-bit and * sometimes one wants to test the NO_C99_FORMAT fallbacks using a modern development platform; * some platforms (I'm looking at you, msvc) have not gotten with the program and are still C89-only. These ptrdiff_t values are offsets from the beginning of a buffer, so a size_t or uintmax_t would work about as well. Use the latter so we can take advantage of the PRIuMAX fallback in git-compat-util.h, even on C99-challenged systems with 64-bit pointers. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-16 06:14:22 +01:00
return error("char%"PRIuMAX": trailing garbage in tag header",
(uintmax_t) (tagger_line - buffer));
[PATCH] Update tags to record who made them And finally what all of this has been leading up to. The 2 line code change to record who made a tag, and the 8 line code change to check that we recorded the tag. Gosh the error checking is always so much bigger than the code :) Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-15 03:02:10 +02:00
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
/* The actual stuff afterwards we don't care about.. */
return 0;
}
make "mktag" a built-in Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-22 16:34:44 +01:00
int cmd_mktag(int argc, const char **argv, const char *prefix)
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
{
Replace calls to strbuf_init(&foo, 0) with STRBUF_INIT initializer Many call sites use strbuf_init(&foo, 0) to initialize local strbuf variable "foo" which has not been accessed since its declaration. These can be replaced with a static initialization using the STRBUF_INIT macro which is just as readable, saves a function call, and takes up fewer lines. Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil> Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
2008-10-09 21:12:12 +02:00
struct strbuf buf = STRBUF_INIT;
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
unsigned char result_sha1[20];
if (argc != 1)
Replace deprecated dashed git commands in usage Signed-off-by: Alexander Potashev <aspotashev@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-01-04 19:39:27 +01:00
usage("git mktag < signaturefile");
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
Replace all read_fd use with strbuf_read, and get rid of it. This brings builtin-stripspace, builtin-tag and mktag to use strbufs. Signed-off-by: Pierre Habouzit <madcoder@debian.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-10 12:35:09 +02:00
if (strbuf_read(&buf, 0, 4096) < 0) {
Use die_errno() instead of die() when checking syscalls Lots of die() calls did not actually report the kind of error, which can leave the user confused as to the real problem. Use die_errno() where we check a system/library call that sets errno on failure, or one of the following that wrap such calls: Function Passes on error from -------- -------------------- odb_pack_keep open read_ancestry fopen read_in_full xread strbuf_read xread strbuf_read_file open or strbuf_read_file strbuf_readlink readlink write_in_full xwrite Signed-off-by: Thomas Rast <trast@student.ethz.ch> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-27 17:58:47 +02:00
die_errno("could not read from stdin");
git-mktag: be more careful in reading the input. Instead of always assuming it can be read with a single read() system call, loop around properly. Pointed out by Pasky, but I ended up implementing it differently from his suggested patch.
2005-05-29 21:06:32 +02:00
}
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
Avoid C99 comments, use old-style C comments instead. This doesn't make the code uglier or harder to read, yet it makes the code more portable. This also simplifies checking for other potential incompatibilities. "gcc -std=c89 -pedantic" can flag many incompatible constructs as warnings, but C99 comments will cause it to emit an error. Signed-off-by: Pavel Roskin <proski@gnu.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-07-10 08:57:51 +02:00
/* Verify it for some basic sanity: it needs to start with
"object <sha1>\ntype\ntagger " */
Replace all read_fd use with strbuf_read, and get rid of it. This brings builtin-stripspace, builtin-tag and mktag to use strbufs. Signed-off-by: Pierre Habouzit <madcoder@debian.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-10 12:35:09 +02:00
if (verify_tag(buf.buf, buf.len) < 0)
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
die("invalid tag signature file");
Replace all read_fd use with strbuf_read, and get rid of it. This brings builtin-stripspace, builtin-tag and mktag to use strbufs. Signed-off-by: Pierre Habouzit <madcoder@debian.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-10 12:35:09 +02:00
if (write_sha1_file(buf.buf, buf.len, tag_type, result_sha1) < 0)
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
die("unable to write tag file");
remove the artificial restriction tagsize < 8kb Signed-off-by: Björn Engelmann <BjEngelmann@gmx.de> Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-05-23 20:19:04 +02:00
Replace all read_fd use with strbuf_read, and get rid of it. This brings builtin-stripspace, builtin-tag and mktag to use strbufs. Signed-off-by: Pierre Habouzit <madcoder@debian.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-10 12:35:09 +02:00
strbuf_release(&buf);
Add "tag" objects that can be used to sign other objects. You use "git-mktag" to create them, and fsck-cache knows how to parse them.
2005-04-25 21:07:44 +02:00
printf("%s\n", sha1_to_hex(result_sha1));
return 0;
}
Reference in New Issue Copy Permalink