From: Junio C Hamano Date: Thu, 20 Oct 2011 18:37:59 +0000 (-0700) Subject: parse_signed_commit: really use the entire commit log message X-Git-Tag: test-another~1 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=33a11a20eb7610771268e34211509cbbdee76b1e;p=git.git parse_signed_commit: really use the entire commit log message ... even beyond the first NUL in the buffer, when checking the commit against the detached signature in the header. Signed-off-by: Junio C Hamano --- diff --git a/commit.c b/commit.c index 93045a2cd..09693f78d 100644 --- a/commit.c +++ b/commit.c @@ -854,28 +854,31 @@ int parse_signed_commit(const unsigned char *sha1, unsigned long size; enum object_type type; char *buffer = read_sha1_file(sha1, &type, &size); - int in_header, saw_signature = -1; - char *line; + int saw_signature = -1; + char *line, *tail; if (!buffer || type != OBJ_COMMIT) goto cleanup; line = buffer; - in_header = 1; + tail = buffer + size; saw_signature = 0; - while (*line) { - char *next = strchrnul(line, '\n'); - if (*next) + while (line < tail) { + char *next = memchr(line, '\n', tail - line); + if (!next) + next = tail; + else next++; - if (in_header && !prefixcmp(line, gpg_sig_header)) { + if (!prefixcmp(line, gpg_sig_header)) { const char *sig = line + gpg_sig_header_len; strbuf_add(signature, sig, next - sig); saw_signature = 1; } else { + if (*line == '\n') + /* dump the whole remainder of the buffer */ + next = tail; strbuf_add(payload, line, next - line); } - if (*line == '\n') - in_header = 0; line = next; } cleanup: diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh index 5c7475d81..30401ced0 100755 --- a/t/t7510-signed-commit.sh +++ b/t/t7510-signed-commit.sh @@ -50,11 +50,22 @@ test_expect_success GPG 'show signatures' ' test_expect_success GPG 'detect fudged signature' ' git cat-file commit master >raw && - sed -e "s/fourth signed/4th forged/" raw >forged && - git hash-object -w -t commit forged >forged.commit && - git show --pretty=short --show-signature $(cat forged.commit) >actual && - grep "BAD signature from" actual && - ! grep "Good signature from" actual + + sed -e "s/fourth signed/4th forged/" raw >forged1 && + git hash-object -w -t commit forged1 >forged1.commit && + git show --pretty=short --show-signature $(cat forged1.commit) >actual1 && + grep "BAD signature from" actual1 && + ! grep "Good signature from" actual1 +' + +test_expect_success GPG 'detect fudged signature with NUL' ' + git cat-file commit master >raw && + cat raw >forged2 && + echo Qwik | tr "Q" "\000" >>forged2 && + git hash-object -w -t commit forged2 >forged2.commit && + git show --pretty=short --show-signature $(cat forged2.commit) >actual2 && + grep "BAD signature from" actual2 && + ! grep "Good signature from" actual2 ' test_done