From 80c7f5a011416f4893c8e395bbf9f841a6dd624e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Scharfe?= Date: Thu, 19 Nov 2015 17:20:14 +0100 Subject: [PATCH 1/2] t1450: add tests for NUL in headers of commits and tags Signed-off-by: Rene Scharfe Signed-off-by: Jeff King --- t/t1450-fsck.sh | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/t/t1450-fsck.sh b/t/t1450-fsck.sh index dc09797021..6c96953628 100755 --- a/t/t1450-fsck.sh +++ b/t/t1450-fsck.sh @@ -176,6 +176,18 @@ test_expect_success 'integer overflow in timestamps is reported' ' grep "error in commit $new.*integer overflow" out ' +test_expect_success 'commit with NUL in header' ' + git cat-file commit HEAD >basis && + sed "s/author ./author Q/" commit-NUL-header && + new=$(git hash-object -t commit -w --stdin out && + cat out && + grep "error in commit $new.*unterminated header: NUL at offset" out +' + test_expect_success 'malformatted tree object' ' test_when_finished "git update-ref -d refs/tags/wrong" && test_when_finished "remove_object \$T" && @@ -276,6 +288,26 @@ test_expect_success 'tag with bad tagger' ' grep "error in tag .*: invalid author/committer" out ' +test_expect_failure 'tag with NUL in header' ' + sha=$(git rev-parse HEAD) && + q_to_nul >tag-NUL-header <<-EOF && + object $sha + type commit + tag contains-Q-in-header + tagger T A Gger 1234567890 -0000 + + This is an invalid tag. + EOF + + tag=$(git hash-object --literally -t tag -w --stdin .git/refs/tags/wrong && + test_when_finished "git update-ref -d refs/tags/wrong" && + test_must_fail git fsck --tags 2>out && + cat out && + grep "error in tag $tag.*unterminated header: NUL at offset" out +' + test_expect_success 'cleaned up' ' git fsck >actual 2>&1 && test_cmp empty actual From 8a272f291a34dcc01bad174922de5fd4c9df2cee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Scharfe?= Date: Thu, 19 Nov 2015 17:25:31 +0100 Subject: [PATCH 2/2] fsck: treat a NUL in a tag header as an error We check the return value of verify_header() for commits already, so do the same for tags as well. Signed-off-by: Rene Scharfe Signed-off-by: Jeff King --- fsck.c | 3 ++- t/t1450-fsck.sh | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/fsck.c b/fsck.c index e41e753d6d..4060f1f551 100644 --- a/fsck.c +++ b/fsck.c @@ -711,7 +711,8 @@ static int fsck_tag_buffer(struct tag *tag, const char *data, } } - if (verify_headers(buffer, size, &tag->object, options)) + ret = verify_headers(buffer, size, &tag->object, options); + if (ret) goto done; if (!skip_prefix(buffer, "object ", &buffer)) { diff --git a/t/t1450-fsck.sh b/t/t1450-fsck.sh index 6c96953628..e66b7cb697 100755 --- a/t/t1450-fsck.sh +++ b/t/t1450-fsck.sh @@ -288,7 +288,7 @@ test_expect_success 'tag with bad tagger' ' grep "error in tag .*: invalid author/committer" out ' -test_expect_failure 'tag with NUL in header' ' +test_expect_success 'tag with NUL in header' ' sha=$(git rev-parse HEAD) && q_to_nul >tag-NUL-header <<-EOF && object $sha