object API users + docs: check <0, not !0 with check_object_signature()

Change those users of the object API that misused check_object_signature() by assuming it returned any non-zero when the OID didn't match the expected value to check <0 instead. In practice all of this code worked before, but it wasn't consistent with rest of the users of the API. Let's also clarify what the <0 return value means in API docs. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-02-05 00:48:29 +01:00 · 2022-02-05 00:48:29 +01:00 · ee213de22d
commit ee213de22d
parent cdcaaec9a6
5 changed files with 8 additions and 6 deletions
--- a/builtin/index-pack.c
+++ b/builtin/index-pack.c
@ -1412,9 +1412,8 @@ static void fix_unresolved_deltas(struct hashfile *f)
 		if (!data)
 			continue;

-		if (check_object_signature(the_repository, &d->oid,
-					   data, size,
-					   type_name(type), NULL))
+		if (check_object_signature(the_repository, &d->oid, data, size,
+					   type_name(type), NULL) < 0)
 			die(_("local object %s is corrupt"), oid_to_hex(&d->oid));

 		/*
--- a/builtin/mktag.c
+++ b/builtin/mktag.c
@ -97,7 +97,7 @@ int cmd_mktag(int argc, const char **argv, const char *prefix)
 				&tagged_oid, &tagged_type))
 		die(_("tag on stdin did not pass our strict fsck check"));

-	if (verify_object_in_tag(&tagged_oid, &tagged_type))
+	if (verify_object_in_tag(&tagged_oid, &tagged_type) < 0)
 		die(_("tag on stdin did not refer to a valid object"));

 	if (write_object_file(buf.buf, buf.len, OBJ_TAG, &result) < 0)
--- a/cache.h
+++ b/cache.h
@ -1324,6 +1324,9 @@ int parse_loose_header(const char *hdr, struct object_info *oi);
 * object name actually matches "oid" to detect object corruption.
 * With "buf" == NULL, try reading the object named with "oid" using
 * the streaming interface and rehash it to do the same.
+ *
+ * A negative value indicates an error, usually that the OID is not
+ * what we expected, but it might also indicate another error.
 */
 int check_object_signature(struct repository *r, const struct object_id *oid,
 			   void *buf, unsigned long size, const char *type,
--- a/object-file.c
+++ b/object-file.c
@ -2613,7 +2613,7 @@ int read_loose_object(const char *path,
 		}
 		if (check_object_signature(the_repository, expected_oid,
 					   *contents, *size,
-					   oi->type_name->buf, real_oid))
+					   oi->type_name->buf, real_oid) < 0)
 			goto out;
 	}

--- a/pack-check.c
+++ b/pack-check.c
@ -143,7 +143,7 @@ static int verify_packfile(struct repository *r,
 				    oid_to_hex(&oid), p->pack_name,
 				    (uintmax_t)entries[i].offset);
 		else if (check_object_signature(r, &oid, data, size,
-						type_name(type), NULL))
+						type_name(type), NULL) < 0)
 			err = error("packed %s from %s is corrupt",
 				    oid_to_hex(&oid), p->pack_name);
 		else if (fn) {