From 87003d2c94985f9b3c5ef23b9c042ae3b4ede6bb Mon Sep 17 00:00:00 2001
From: "brian m. carlson" <sandals@crustytoothpaste.net>
Date: Tue, 19 Feb 2019 00:05:19 +0000
Subject: builtin/get-tar-commit-id: make hash size independent

To make this code independent of the hash size, verify that the length
of the comment is equal to that of any supported hash algorithm.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 builtin/get-tar-commit-id.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'builtin/get-tar-commit-id.c')

diff --git a/builtin/get-tar-commit-id.c b/builtin/get-tar-commit-id.c
index 312e44ed05f..491af9202dc 100644
--- a/builtin/get-tar-commit-id.c
+++ b/builtin/get-tar-commit-id.c
@@ -41,7 +41,8 @@ int cmd_get_tar_commit_id(int argc, const char **argv, const char *prefix)
 	if (!skip_prefix(end, " comment=", &comment))
 		return 1;
 	len -= comment - content;
-	if (len != GIT_SHA1_HEXSZ + 1)
+	if (len < 1 || !(len % 2) ||
+	    hash_algo_by_length((len - 1) / 2) == GIT_HASH_UNKNOWN)
 		return 1;
 
 	if (write_in_full(1, comment, len) < 0)
-- 
cgit v1.2.3