mirror of
https://github.com/git/git.git
synced 2024-09-21 09:42:22 +02:00
61d36330b4
Comparing the result of read_in_full() using less-than is potentially dangerous, as a negative return value may be converted to an unsigned type and be considered a success. This is discussed further in 561598cfcf (read_pack_header: handle signed/unsigned comparison in read result, 2017-09-13). Each of these instances is actually fine in practice: - in get-tar-commit-id, the HEADERSIZE macro expands to a signed integer. If it were switched to an unsigned type (e.g., a size_t), then it would be a bug. - the other two callers check for a short read only after handling a negative return separately. This is a fine practice, but we'd prefer to model "!=" as a general rule. So all of these cases can be considered cleanups and not actual bugfixes. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
41 lines
960 B
C
41 lines
960 B
C
/*
|
|
* Copyright (c) 2005, 2006 Rene Scharfe
|
|
*/
|
|
#include "cache.h"
|
|
#include "commit.h"
|
|
#include "tar.h"
|
|
#include "builtin.h"
|
|
#include "quote.h"
|
|
|
|
static const char builtin_get_tar_commit_id_usage[] =
|
|
"git get-tar-commit-id";
|
|
|
|
/* ustar header + extended global header content */
|
|
#define RECORDSIZE (512)
|
|
#define HEADERSIZE (2 * RECORDSIZE)
|
|
|
|
int cmd_get_tar_commit_id(int argc, const char **argv, const char *prefix)
|
|
{
|
|
char buffer[HEADERSIZE];
|
|
struct ustar_header *header = (struct ustar_header *)buffer;
|
|
char *content = buffer + RECORDSIZE;
|
|
const char *comment;
|
|
ssize_t n;
|
|
|
|
if (argc != 1)
|
|
usage(builtin_get_tar_commit_id_usage);
|
|
|
|
n = read_in_full(0, buffer, HEADERSIZE);
|
|
if (n != HEADERSIZE)
|
|
die("git get-tar-commit-id: read error");
|
|
if (header->typeflag[0] != 'g')
|
|
return 1;
|
|
if (!skip_prefix(content, "52 comment=", &comment))
|
|
return 1;
|
|
|
|
if (write_in_full(1, comment, 41) < 0)
|
|
die_errno("git get-tar-commit-id: write error");
|
|
|
|
return 0;
|
|
}
|