Fix sparse warnings
Fix warnings from 'make check'.
- These files don't include 'builtin.h' causing sparse to complain that
cmd_* isn't declared:
builtin/clone.c:364, builtin/fetch-pack.c:797,
builtin/fmt-merge-msg.c:34, builtin/hash-object.c:78,
builtin/merge-index.c:69, builtin/merge-recursive.c:22
builtin/merge-tree.c:341, builtin/mktag.c:156, builtin/notes.c:426
builtin/notes.c:822, builtin/pack-redundant.c:596,
builtin/pack-refs.c:10, builtin/patch-id.c:60, builtin/patch-id.c:149,
builtin/remote.c:1512, builtin/remote-ext.c:240,
builtin/remote-fd.c:53, builtin/reset.c:236, builtin/send-pack.c:384,
builtin/unpack-file.c:25, builtin/var.c:75
- These files have symbols which should be marked static since they're
only file scope:
submodule.c:12, diff.c:631, replace_object.c:92, submodule.c:13,
submodule.c:14, trace.c:78, transport.c:195, transport-helper.c:79,
unpack-trees.c:19, url.c:3, url.c:18, url.c:104, url.c:117, url.c:123,
url.c:129, url.c:136, thread-utils.c:21, thread-utils.c:48
- These files redeclare symbols to be different types:
builtin/index-pack.c:210, parse-options.c:564, parse-options.c:571,
usage.c:49, usage.c:58, usage.c:63, usage.c:72
- These files use a literal integer 0 when they really should use a NULL
pointer:
daemon.c:663, fast-import.c:2942, imap-send.c:1072, notes-merge.c:362
While we're in the area, clean up some unused #includes in builtin files
(mostly exec_cmd.h).
Signed-off-by: Stephen Boyd <bebarino@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
14 years ago
|
|
|
#include "builtin.h"
|
|
|
|
#include "tag.h"
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A signature file has a very simple fixed format: four lines
|
|
|
|
* of "object <sha1>" + "type <typename>" + "tag <tagname>" +
|
|
|
|
* "tagger <committer>", followed by a blank line, a free-form tag
|
|
|
|
* message and a signature block that git itself doesn't care about,
|
|
|
|
* but that can be verified with gpg or similar.
|
|
|
|
*
|
|
|
|
* The first four lines are guaranteed to be at least 83 bytes:
|
|
|
|
* "object <sha1>\n" is 48 bytes, "type tag\n" at 9 bytes is the
|
|
|
|
* shortest possible type-line, "tag .\n" at 6 bytes is the shortest
|
|
|
|
* single-character-tag line, and "tagger . <> 0 +0000\n" at 20 bytes is
|
|
|
|
* the shortest possible tagger-line.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We refuse to tag something we can't verify. Just because.
|
|
|
|
*/
|
|
|
|
static int verify_object(const struct object_id *oid, const char *expected_type)
|
|
|
|
{
|
|
|
|
int ret = -1;
|
|
|
|
enum object_type type;
|
|
|
|
unsigned long size;
|
|
|
|
void *buffer = read_sha1_file(oid->hash, &type, &size);
|
|
|
|
const unsigned char *repl = lookup_replace_object(oid->hash);
|
|
|
|
|
|
|
|
if (buffer) {
|
|
|
|
struct object_id reploid;
|
|
|
|
hashcpy(reploid.hash, repl);
|
|
|
|
|
|
|
|
if (type == type_from_string(expected_type))
|
|
|
|
ret = check_object_signature(&reploid, buffer, size, expected_type);
|
|
|
|
free(buffer);
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int verify_tag(char *buffer, unsigned long size)
|
|
|
|
{
|
|
|
|
int typelen;
|
|
|
|
char type[20];
|
|
|
|
struct object_id oid;
|
|
|
|
const char *object, *type_line, *tag_line, *tagger_line, *lb, *rb, *p;
|
|
|
|
size_t len;
|
|
|
|
|
|
|
|
if (size < 84)
|
|
|
|
return error("wanna fool me ? you obviously got the size wrong !");
|
|
|
|
|
|
|
|
buffer[size] = 0;
|
|
|
|
|
|
|
|
/* Verify object line */
|
|
|
|
object = buffer;
|
|
|
|
if (memcmp(object, "object ", 7))
|
|
|
|
return error("char%d: does not start with \"object \"", 0);
|
|
|
|
|
|
|
|
if (parse_oid_hex(object + 7, &oid, &p))
|
|
|
|
return error("char%d: could not get SHA1 hash", 7);
|
|
|
|
|
|
|
|
/* Verify type line */
|
|
|
|
type_line = p + 1;
|
|
|
|
if (memcmp(type_line - 1, "\ntype ", 6))
|
|
|
|
return error("char%d: could not find \"\\ntype \"", 47);
|
|
|
|
|
|
|
|
/* Verify tag-line */
|
|
|
|
tag_line = strchr(type_line, '\n');
|
|
|
|
if (!tag_line)
|
|
|
|
return error("char%"PRIuMAX": could not find next \"\\n\"",
|
|
|
|
(uintmax_t) (type_line - buffer));
|
|
|
|
tag_line++;
|
|
|
|
if (memcmp(tag_line, "tag ", 4) || tag_line[4] == '\n')
|
|
|
|
return error("char%"PRIuMAX": no \"tag \" found",
|
|
|
|
(uintmax_t) (tag_line - buffer));
|
|
|
|
|
|
|
|
/* Get the actual type */
|
|
|
|
typelen = tag_line - type_line - strlen("type \n");
|
|
|
|
if (typelen >= sizeof(type))
|
|
|
|
return error("char%"PRIuMAX": type too long",
|
|
|
|
(uintmax_t) (type_line+5 - buffer));
|
|
|
|
|
|
|
|
memcpy(type, type_line+5, typelen);
|
|
|
|
type[typelen] = 0;
|
|
|
|
|
|
|
|
/* Verify that the object matches */
|
|
|
|
if (verify_object(&oid, type))
|
|
|
|
return error("char%d: could not verify object %s", 7, oid_to_hex(&oid));
|
|
|
|
|
|
|
|
/* Verify the tag-name: we don't allow control characters or spaces in it */
|
|
|
|
tag_line += 4;
|
|
|
|
for (;;) {
|
|
|
|
unsigned char c = *tag_line++;
|
|
|
|
if (c == '\n')
|
|
|
|
break;
|
|
|
|
if (c > ' ')
|
|
|
|
continue;
|
|
|
|
return error("char%"PRIuMAX": could not verify tag name",
|
|
|
|
(uintmax_t) (tag_line - buffer));
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Verify the tagger line */
|
|
|
|
tagger_line = tag_line;
|
|
|
|
|
|
|
|
if (memcmp(tagger_line, "tagger ", 7))
|
|
|
|
return error("char%"PRIuMAX": could not find \"tagger \"",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Check for correct form for name and email
|
|
|
|
* i.e. " <" followed by "> " on _this_ line
|
|
|
|
* No angle brackets within the name or email address fields.
|
|
|
|
* No spaces within the email address field.
|
|
|
|
*/
|
|
|
|
tagger_line += 7;
|
|
|
|
if (!(lb = strstr(tagger_line, " <")) || !(rb = strstr(lb+2, "> ")) ||
|
|
|
|
strpbrk(tagger_line, "<>\n") != lb+1 ||
|
|
|
|
strpbrk(lb+2, "><\n ") != rb)
|
|
|
|
return error("char%"PRIuMAX": malformed tagger field",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
|
|
|
|
/* Check for author name, at least one character, space is acceptable */
|
|
|
|
if (lb == tagger_line)
|
|
|
|
return error("char%"PRIuMAX": missing tagger name",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
|
|
|
|
/* timestamp, 1 or more digits followed by space */
|
|
|
|
tagger_line = rb + 2;
|
|
|
|
if (!(len = strspn(tagger_line, "0123456789")))
|
|
|
|
return error("char%"PRIuMAX": missing tag timestamp",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
tagger_line += len;
|
|
|
|
if (*tagger_line != ' ')
|
|
|
|
return error("char%"PRIuMAX": malformed tag timestamp",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
tagger_line++;
|
|
|
|
|
|
|
|
/* timezone, 5 digits [+-]hhmm, max. 1400 */
|
|
|
|
if (!((tagger_line[0] == '+' || tagger_line[0] == '-') &&
|
|
|
|
strspn(tagger_line+1, "0123456789") == 4 &&
|
|
|
|
tagger_line[5] == '\n' && atoi(tagger_line+1) <= 1400))
|
|
|
|
return error("char%"PRIuMAX": malformed tag timezone",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
tagger_line += 6;
|
|
|
|
|
|
|
|
/* Verify the blank line separating the header from the body */
|
|
|
|
if (*tagger_line != '\n')
|
|
|
|
return error("char%"PRIuMAX": trailing garbage in tag header",
|
|
|
|
(uintmax_t) (tagger_line - buffer));
|
|
|
|
|
|
|
|
/* The actual stuff afterwards we don't care about.. */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int cmd_mktag(int argc, const char **argv, const char *prefix)
|
|
|
|
{
|
|
|
|
struct strbuf buf = STRBUF_INIT;
|
|
|
|
struct object_id result;
|
|
|
|
|
|
|
|
if (argc != 1)
|
usage: do not insist that standard input must come from a file
The synopsys text and the usage string of subcommands that read list
of things from the standard input are often shown like this:
git gostak [--distim] < <list-of-doshes>
This is problematic in a number of ways:
* The way to use these commands is more often to feed them the
output from another command, not feed them from a file.
* Manual pages outside Git, commands that operate on the data read
from the standard input, e.g "sort", "grep", "sed", etc., are not
described with such a "< redirection-from-file" in their synopsys
text. Our doing so introduces inconsistency.
* We do not insist on where the output should go, by saying
git gostak [--distim] < <list-of-doshes> > <output>
* As it is our convention to enclose placeholders inside <braket>,
the redirection operator followed by a placeholder filename
becomes very hard to read, both in the documentation and in the
help text.
Let's clean them all up, after making sure that the documentation
clearly describes the modes that take information from the standard
input and what kind of things are expected on the input.
[jc: stole example for fmt-merge-msg from Jonathan]
Helped-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
9 years ago
|
|
|
usage("git mktag");
|
|
|
|
|
|
|
|
if (strbuf_read(&buf, 0, 4096) < 0) {
|
|
|
|
die_errno("could not read from stdin");
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Verify it for some basic sanity: it needs to start with
|
|
|
|
"object <sha1>\ntype\ntagger " */
|
|
|
|
if (verify_tag(buf.buf, buf.len) < 0)
|
|
|
|
die("invalid tag signature file");
|
|
|
|
|
|
|
|
if (write_object_file(buf.buf, buf.len, tag_type, &result) < 0)
|
|
|
|
die("unable to write tag file");
|
|
|
|
|
|
|
|
strbuf_release(&buf);
|
|
|
|
printf("%s\n", oid_to_hex(&result));
|
|
|
|
return 0;
|
|
|
|
}
|