kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity

mktag.c: tweak validation of tagger field and adjust test script 

Update the verify_tag() function to remove an unnecessary test, and add
additional check for angle brackets in the name and email field, and
spaces in the email field. The timestamp and timezone sections are made
more straight forward by using strspn().

Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
maint
Brandon Casey 2008-03-31 18:25:23 -05:00 committed by Junio C Hamano
parent e0aaf781f6
commit ba26ab99d4
2 changed files with 87 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
mktag.c
View File

@ -45,6 +45,7 @@ static int verify_tag(char *buffer, unsigned long size)
char type[20]; char type[20];
unsigned char sha1[20]; unsigned char sha1[20];
const char *object, *type_line, *tag_line, *tagger_line, *lb, *rb; const char *object, *type_line, *tag_line, *tagger_line, *lb, *rb;
size_t len;


if (size < 84) if (size < 84)
return error("wanna fool me ? you obviously got the size wrong !"); return error("wanna fool me ? you obviously got the size wrong !");
@ -98,18 +99,21 @@ static int verify_tag(char *buffer, unsigned long size)
/* Verify the tagger line */ /* Verify the tagger line */
tagger_line = tag_line; tagger_line = tag_line;


if (memcmp(tagger_line, "tagger ", 7) || (tagger_line[7] == '\n')) if (memcmp(tagger_line, "tagger ", 7))
return error("char" PD_FMT ": could not find \"tagger \"", return error("char" PD_FMT ": could not find \"tagger \"",
tagger_line - buffer); tagger_line - buffer);


/* /*
* Check for correct form for name and email * Check for correct form for name and email
* i.e. " <" followed by "> " on _this_ line * i.e. " <" followed by "> " on _this_ line
* No angle brackets within the name or email address fields.
* No spaces within the email address field.
*/ */
tagger_line += 7; tagger_line += 7;
if (!(lb = strstr(tagger_line, " <")) || !(rb = strstr(lb+2, "> ")) || if (!(lb = strstr(tagger_line, " <")) || !(rb = strstr(lb+2, "> ")) ||
strchr(tagger_line, '\n') < rb) strpbrk(tagger_line, "<>\n") != lb+1 ||
return error("char" PD_FMT ": malformed tagger", strpbrk(lb+2, "><\n ") != rb)
return error("char" PD_FMT ": malformed tagger field",
tagger_line - buffer); tagger_line - buffer);


/* Check for author name, at least one character, space is acceptable */ /* Check for author name, at least one character, space is acceptable */
@ -117,25 +121,20 @@ static int verify_tag(char *buffer, unsigned long size)
return error("char" PD_FMT ": missing tagger name", return error("char" PD_FMT ": missing tagger name",
tagger_line - buffer); tagger_line - buffer);


/* timestamp */ /* timestamp, 1 or more digits followed by space */
tagger_line = rb + 2; tagger_line = rb + 2;
if (*tagger_line == ' ') if (!(len = strspn(tagger_line, "0123456789")))
return error("char" PD_FMT ": missing tag timestamp",
tagger_line - buffer);
tagger_line += len;
if (*tagger_line != ' ')
return error("char" PD_FMT ": malformed tag timestamp", return error("char" PD_FMT ": malformed tag timestamp",
tagger_line - buffer); tagger_line - buffer);
for (;;) { tagger_line++;
unsigned char c = *tagger_line++;
if (c == ' ')
break;
if (isdigit(c))
continue;
return error("char" PD_FMT ": malformed tag timestamp",
tagger_line - buffer);
}


/* timezone, 5 digits [+-]hhmm, max. 1400 */ /* timezone, 5 digits [+-]hhmm, max. 1400 */
if (!((tagger_line[0] == '+' || tagger_line[0] == '-') && if (!((tagger_line[0] == '+' || tagger_line[0] == '-') &&
isdigit(tagger_line[1]) && isdigit(tagger_line[2]) && strspn(tagger_line+1, "0123456789") == 4 &&
isdigit(tagger_line[3]) && isdigit(tagger_line[4]) &&
tagger_line[5] == '\n' && atoi(tagger_line+1) <= 1400)) tagger_line[5] == '\n' && atoi(tagger_line+1) <= 1400))
return error("char" PD_FMT ": malformed tag timezone", return error("char" PD_FMT ": malformed tag timezone",
tagger_line - buffer); tagger_line - buffer);

88
t/t3800-mktag.sh
View File

@ -180,7 +180,7 @@ check_verify_failure '"tagger" line label check #2' \
'^error: char70: could not find "tagger "$' '^error: char70: could not find "tagger "$'


############################################################ ############################################################
# 13. detect missing tag author name # 13. disallow missing tag author name


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -191,11 +191,11 @@ tagger <> 0 +0000
This is filler This is filler
EOF EOF


check_verify_failure 'detect missing tag author name' \ check_verify_failure 'disallow missing tag author name' \
'^error: char77: missing tagger name$' '^error: char77: missing tagger name$'


############################################################ ############################################################
# 14. detect missing tag author name # 14. disallow missing tag author name


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -206,8 +206,8 @@ tagger T A Gger <


EOF EOF


check_verify_failure 'detect malformed tagger' \ check_verify_failure 'disallow malformed tagger' \
'^error: char77: malformed tagger$' '^error: char77: malformed tagger field$'


############################################################ ############################################################
# 15. allow empty tag email # 15. allow empty tag email
@ -225,7 +225,21 @@ test_expect_success \
'git-mktag <tag.sig >.git/refs/tags/mytag 2>message' 'git-mktag <tag.sig >.git/refs/tags/mytag 2>message'


############################################################ ############################################################
# 16. detect missing tag timestamp # 16. disallow spaces in tag email

cat >tag.sig <<EOF
object $head
type commit
tag mytag
tagger T A Gger <tag ger@example.com> 0 +0000

EOF

check_verify_failure 'disallow spaces in tag email' \
'^error: char77: malformed tagger field$'

############################################################
# 17. disallow missing tag timestamp


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -235,11 +249,11 @@ tagger T A Gger <tagger@example.com>


EOF EOF


check_verify_failure 'detect missing tag timestamp' \ check_verify_failure 'disallow missing tag timestamp' \
'^error: char107: malformed tag timestamp$' '^error: char107: missing tag timestamp$'


############################################################ ############################################################
# 17. detect invalid tag timestamp # 18. detect invalid tag timestamp1


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -249,11 +263,25 @@ tagger T A Gger <tagger@example.com> Tue Mar 25 15:47:44 2008


EOF EOF


check_verify_failure 'detect invalid tag timestamp' \ check_verify_failure 'detect invalid tag timestamp1' \
'^error: char108: malformed tag timestamp$' '^error: char107: missing tag timestamp$'


############################################################ ############################################################
# 18. detect invalid tag timezone # 19. detect invalid tag timestamp2

cat >tag.sig <<EOF
object $head
type commit
tag mytag
tagger T A Gger <tagger@example.com> 2008-03-31T12:20:15-0500

EOF

check_verify_failure 'detect invalid tag timestamp2' \
'^error: char111: malformed tag timestamp$'

############################################################
# 20. detect invalid tag timezone1


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -263,11 +291,39 @@ tagger T A Gger <tagger@example.com> 1206478233 GMT


EOF EOF


check_verify_failure 'detect invalid tag timezone' \ check_verify_failure 'detect invalid tag timezone1' \
'^error: char118: malformed tag timezone$' '^error: char118: malformed tag timezone$'


############################################################ ############################################################
# 19. detect invalid header entry # 21. detect invalid tag timezone2

cat >tag.sig <<EOF
object $head
type commit
tag mytag
tagger T A Gger <tagger@example.com> 1206478233 + 30

EOF

check_verify_failure 'detect invalid tag timezone2' \
'^error: char118: malformed tag timezone$'

############################################################
# 22. detect invalid tag timezone3

cat >tag.sig <<EOF
object $head
type commit
tag mytag
tagger T A Gger <tagger@example.com> 1206478233 -1430

EOF

check_verify_failure 'detect invalid tag timezone3' \
'^error: char118: malformed tag timezone$'

############################################################
# 23. detect invalid header entry


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -282,7 +338,7 @@ check_verify_failure 'detect invalid header entry' \
'^error: char124: trailing garbage in tag header$' '^error: char124: trailing garbage in tag header$'


############################################################ ############################################################
# 20. create valid tag # 24. create valid tag


cat >tag.sig <<EOF cat >tag.sig <<EOF
object $head object $head
@ -297,7 +353,7 @@ test_expect_success \
'git-mktag <tag.sig >.git/refs/tags/mytag 2>message' 'git-mktag <tag.sig >.git/refs/tags/mytag 2>message'


############################################################ ############################################################
# 21. check mytag # 25. check mytag


test_expect_success \ test_expect_success \
'check mytag' \ 'check mytag' \