On Sat, Feb 12, 2011 at 12:42:21PM +0100, Thomas Rast wrote: > This patch makes t9350 fail under valgrind: > > expecting success: > > TAG=$(git hash-object -t tag -w tag-content) && > git update-ref refs/tags/sonnenschein $TAG && > git fast-export -C -C --signed-tags=strip --all > output && > test $(grep -c "^tag " output) = 4 && > ! grep "Unspecified Tagger" output && > git fast-export -C -C --signed-tags=strip --all \ > --fake-missing-tagger > output && > test $(grep -c "^tag " output) = 4 && > grep "Unspecified Tagger" output > > > ==2862== Invalid read of size 1 > ==2862== at 0x4F0C34: prefixcmp (strbuf.c:9) > ==2862== by 0x4F4FB3: parse_tag_buffer (tag.c:109) Nice. Does this fix it? --8<-- diff --git a/tag.c b/tag.c index ecf7c1e..9318ae5 100644 --- a/tag.c +++ b/tag.c @@ -97,7 +97,9 @@ int parse_tag_buffer(struct tag *item, const void *data, unsigned long size) item->tagged = NULL; } - if (prefixcmp(bufptr, "tag ")) + if (bufptr + 5 < tail && !prefixcmp(bufptr, "tag ")) + ; /* good */ + else return -1; bufptr += 4; nl = memchr(bufptr, '\n', tail - bufptr); @@ -106,7 +108,7 @@ int parse_tag_buffer(struct tag *item, const void *data, unsigned long size) item->tag = xmemdupz(bufptr, nl - bufptr); bufptr = nl + 1; - if (!prefixcmp(bufptr, "tagger ")) + if (bufptr + 8 < tail && !prefixcmp(bufptr, "tagger ")) item->date = parse_tag_date(bufptr, tail); else item->date = 0; --8<-- -- Duy -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html