From 4579bb418c2995a8459de7dba42b63a26006f9a6 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Mon, 13 Dec 2010 12:02:25 -0500 Subject: [PATCH 1/2] ident: die on bogus date format If the user gives "git commit --date=foobar", we silently ignore the --date flag. We should note the error. This patch puts the fix at the lowest level of fmt_ident, which means it also handles GIT_AUTHOR_DATE=foobar, as well. There are two down-sides to this approach: 1. Technically this breaks somebody doing something like "git commit --date=now", which happened to work because bogus data is the same as "now". Though we do explicitly handle the empty string, so anybody passing an empty variable through the environment will still work. If the error is too much, perhaps it can be downgraded to a warning? 2. The error checking happens _after_ the commit message is written, which can be annoying to the user. We can put explicit checks closer to the beginning of git-commit, but that feels a little hack-ish; suddenly git-commit has to care about how fmt_ident works. Maybe we could simply call fmt_ident earlier? Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- ident.c | 6 ++++-- t/t7501-commit.sh | 4 ++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ident.c b/ident.c index 9e2438826d..1c4adb0a9a 100644 --- a/ident.c +++ b/ident.c @@ -217,8 +217,10 @@ const char *fmt_ident(const char *name, const char *email, } strcpy(date, git_default_date); - if (!name_addr_only && date_str) - parse_date(date_str, date, sizeof(date)); + if (!name_addr_only && date_str && date_str[0]) { + if (parse_date(date_str, date, sizeof(date)) < 0) + die("invalid date format: %s", date_str); + } i = copy(buffer, sizeof(buffer), 0, name); i = add_raw(buffer, sizeof(buffer), i, " <"); diff --git a/t/t7501-commit.sh b/t/t7501-commit.sh index 8297cb4f1e..8980738c75 100755 --- a/t/t7501-commit.sh +++ b/t/t7501-commit.sh @@ -230,6 +230,10 @@ test_expect_success 'amend commit to fix date' ' ' +test_expect_success 'commit complains about bogus date' ' + test_must_fail git commit --amend --date=10.11.2010 +' + test_expect_success 'sign off (1)' ' echo 1 >positive && From 4c28e4ada03f5440251545cf91e0d81bce9b010d Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Mon, 20 Dec 2010 17:00:36 -0800 Subject: [PATCH 2/2] commit: die before asking to edit the log message When determine_author_info() returns to the calling prepare_to_commit(), we already know the pieces of information necessary to determine what author ident will be used in the final message, but deferred making a call to fmt_ident() before the final commit_tree(). Most importantly, we would open the editor to ask the user to compose the log message before it. As one important side effect of fmt_ident() is to error out when the given information is malformed, this resulted in us spawning the editor first and then refusing to commit due to error, even though we had enough information to detect the error before starting the editor, which was annoying. Move the fmt_ident() call to the end of determine_author_info() where we have final determination of author info to rectify this. Signed-off-by: Junio C Hamano --- builtin/commit.c | 54 ++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/builtin/commit.c b/builtin/commit.c index 66fdd22024..3bcb4b7ec0 100644 --- a/builtin/commit.c +++ b/builtin/commit.c @@ -69,7 +69,6 @@ static enum { static const char *logfile, *force_author; static const char *template_file; static char *edit_message, *use_message; -static char *author_name, *author_email, *author_date; static int all, edit_flag, also, interactive, only, amend, signoff; static int quiet, verbose, no_verify, allow_empty, dry_run, renew_authorship; static int no_post_rewrite, allow_empty_message; @@ -459,7 +458,7 @@ static int is_a_merge(const unsigned char *sha1) static const char sign_off_header[] = "Signed-off-by: "; -static void determine_author_info(void) +static void determine_author_info(struct strbuf *author_ident) { char *name, *email, *date; @@ -503,10 +502,8 @@ static void determine_author_info(void) if (force_date) date = force_date; - - author_name = name; - author_email = email; - author_date = date; + strbuf_addstr(author_ident, fmt_ident(name, email, date, + IDENT_ERROR_ON_NO_NAME)); } static int ends_rfc2822_footer(struct strbuf *sb) @@ -550,10 +547,21 @@ static int ends_rfc2822_footer(struct strbuf *sb) return 1; } +static char *cut_ident_timestamp_part(char *string) +{ + char *ket = strrchr(string, '>'); + if (!ket || ket[1] != ' ') + die("Malformed ident string: '%s'", string); + *++ket = '\0'; + return ket; +} + static int prepare_to_commit(const char *index_file, const char *prefix, - struct wt_status *s) + struct wt_status *s, + struct strbuf *author_ident) { struct stat statbuf; + struct strbuf committer_ident = STRBUF_INIT; int commitable, saved_color_setting; struct strbuf sb = STRBUF_INIT; char *buffer; @@ -637,14 +645,13 @@ static int prepare_to_commit(const char *index_file, const char *prefix, strbuf_release(&sb); - determine_author_info(); + /* This checks and barfs if author is badly specified */ + determine_author_info(author_ident); /* This checks if committer ident is explicitly given */ - git_committer_info(0); + strbuf_addstr(&committer_ident, git_committer_info(0)); if (use_editor && include_status) { - char *author_ident; - const char *committer_ident; - + char *ai_tmp, *ci_tmp; if (in_merge) fprintf(fp, "#\n" @@ -672,23 +679,21 @@ static int prepare_to_commit(const char *index_file, const char *prefix, if (only_include_assumed) fprintf(fp, "# %s\n", only_include_assumed); - author_ident = xstrdup(fmt_name(author_name, author_email)); - committer_ident = fmt_name(getenv("GIT_COMMITTER_NAME"), - getenv("GIT_COMMITTER_EMAIL")); - if (strcmp(author_ident, committer_ident)) + ai_tmp = cut_ident_timestamp_part(author_ident->buf); + ci_tmp = cut_ident_timestamp_part(committer_ident.buf); + if (strcmp(author_ident->buf, committer_ident.buf)) fprintf(fp, "%s" "# Author: %s\n", ident_shown++ ? "" : "#\n", - author_ident); - free(author_ident); + author_ident->buf); if (!user_ident_sufficiently_given()) fprintf(fp, "%s" "# Committer: %s\n", ident_shown++ ? "" : "#\n", - committer_ident); + committer_ident.buf); if (ident_shown) fprintf(fp, "#\n"); @@ -697,6 +702,9 @@ static int prepare_to_commit(const char *index_file, const char *prefix, s->use_color = 0; commitable = run_status(fp, index_file, prefix, 1, s); s->use_color = saved_color_setting; + + *ai_tmp = ' '; + *ci_tmp = ' '; } else { unsigned char sha1[20]; const char *parent = "HEAD"; @@ -712,6 +720,7 @@ static int prepare_to_commit(const char *index_file, const char *prefix, else commitable = index_differs_from(parent, 0); } + strbuf_release(&committer_ident); fclose(fp); @@ -1246,6 +1255,7 @@ static int run_rewrite_hook(const unsigned char *oldsha1, int cmd_commit(int argc, const char **argv, const char *prefix) { struct strbuf sb = STRBUF_INIT; + struct strbuf author_ident = STRBUF_INIT; const char *index_file, *reflog_msg; char *nl, *p; unsigned char commit_sha1[20]; @@ -1273,7 +1283,7 @@ int cmd_commit(int argc, const char **argv, const char *prefix) /* Set up everything for writing the commit object. This includes running hooks, writing the trees, and interacting with the user. */ - if (!prepare_to_commit(index_file, prefix, &s)) { + if (!prepare_to_commit(index_file, prefix, &s, &author_ident)) { rollback_index_files(); return 1; } @@ -1352,11 +1362,11 @@ int cmd_commit(int argc, const char **argv, const char *prefix) } if (commit_tree(sb.buf, active_cache_tree->sha1, parents, commit_sha1, - fmt_ident(author_name, author_email, author_date, - IDENT_ERROR_ON_NO_NAME))) { + author_ident.buf)) { rollback_index_files(); die("failed to write commit object"); } + strbuf_release(&author_ident); ref_lock = lock_any_ref_for_update("HEAD", initial_commit ? NULL : head_sha1,