From d0d7cbe730c31a6e1d12bd68975ff73c60f1de6c Mon Sep 17 00:00:00 2001 From: Linus Torvalds Date: Sun, 17 Apr 2005 15:26:13 -0700 Subject: Make "commit-tree" check the input objects more carefully. Let's not allow trivially bogus commits. I did one for the first trial of the first kernel git merge. fsck found it ok, but.. --- commit-tree.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'commit-tree.c') diff --git a/commit-tree.c b/commit-tree.c index 50fe19652f..b20957546a 100644 --- a/commit-tree.c +++ b/commit-tree.c @@ -240,6 +240,18 @@ static void parse_rfc2822_date(char *date, char *result, int maxlen) snprintf(result, maxlen, "%lu %5.5s", then, p); } +static void check_valid(unsigned char *sha1, const char *expect) +{ + void *buf; + char type[20]; + unsigned long size; + + buf = read_sha1_file(sha1, type, &size); + if (!buf || strcmp(type, expect)) + die("%s is not a valid '%s' object", sha1_to_hex(sha1), expect); + free(buf); +} + /* * Having more than two parents may be strange, but hey, there's * no conceptual reason why the file format couldn't accept multi-way @@ -271,11 +283,13 @@ int main(int argc, char **argv) if (argc < 2 || get_sha1_hex(argv[1], tree_sha1) < 0) usage("commit-tree [-p ]* < changelog"); + check_valid(tree_sha1, "tree"); for (i = 2; i < argc; i += 2) { char *a, *b; a = argv[i]; b = argv[i+1]; if (!b || strcmp(a, "-p") || get_sha1_hex(b, parent_sha1[parents])) usage("commit-tree [-p ]* < changelog"); + check_valid(parent_sha1[parents], "commit"); parents++; } if (!parents) -- cgit v1.2.3