Nguyễn Thái Ngọc Duy <pclouds@xxxxxxxxx> writes:
> diff --git a/builtin/mktag.c b/builtin/mktag.c
> index 640ab64..f51ce20 100644
> --- a/builtin/mktag.c
> +++ b/builtin/mktag.c
> @@ -165,6 +165,9 @@ int cmd_mktag(int argc, const char **argv, const char *prefix)
> if (verify_tag(buf.buf, buf.len) < 0)
> die("invalid tag signature file");
>
> + if (memchr(buf.buf, '\0', buf.len))
> + die("a NUL byte in tag message not allowed.");
> +
Is there a good reason why you check _after_ calling verify_tag(), instead
of before?
> if (write_sha1_file(buf.buf, buf.len, tag_type, result_sha1) < 0)
> die("unable to write tag file");
>
> diff --git a/builtin/tag.c b/builtin/tag.c
> index 31f02e8..e66811e 100644
> --- a/builtin/tag.c
> +++ b/builtin/tag.c
> @@ -259,6 +259,8 @@ static int build_tag_object(struct strbuf *buf, int sign, unsigned char *result)
> {
> if (sign && do_sign(buf) < 0)
> return error(_("unable to sign the tag"));
> + if (memchr(buf->buf, '\0', buf->len))
> + return error("a NUL byte in tag message not allowed.");
Is there a good reason why you check _after_ calling do_sign(), instead of
before?
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html