Re: [PATCH v2 19/19] signed push: fortify against replay attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 22.08.2014 22:30, Junio C Hamano wrote:
> @@ -1226,12 +1232,28 @@ static int delete_only(struct command *commands)
>  	return 1;
>  }
>  
> +static char *prepare_push_cert_nonce(const char *sitename, const char *dir)
> +{
> +	struct strbuf buf = STRBUF_INIT;
> +	unsigned char sha1[20];
> +
> +	if (!sitename) {
> +		static char buf[1024];
> +		gethostname(buf, sizeof(buf));
> +		sitename = buf;
> +	}
> +	strbuf_addf(&buf, "%s:%s:%lu", sitename, dir, time(NULL));
> +	hash_sha1_file(buf.buf, buf.len, "blob", sha1);
> +	return xstrdup(sha1_to_hex(sha1));
> +}
> +

On every other use of gethostname within git.git we're
checking the return code. And if gethostname fails, we're
either copying in 'localhost' or 'unknown' instead.

Does that make sense here as well?

Found by coverity scan.

Thanks,
Stefan

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]