Deploy GIT_SIGNATURE_INIT
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150
diff --git a/src/commit.c b/src/commit.c
index 4072518..5197fdb 100644
--- a/src/commit.c
+++ b/src/commit.c
@@ -93,6 +93,9 @@ int git_commit_create(
git_odb *odb;
assert(git_object_owner((const git_object *)tree) == repo);
+ if (!git_signature__has_valid_version(author) ||
+ !git_signature__has_valid_version(committer))
+ return -1;
git_oid__writebuf(&commit, "tree ", git_object_id((const git_object *)tree));
diff --git a/src/notes.c b/src/notes.c
index dd36cc2..87ee1e7 100644
--- a/src/notes.c
+++ b/src/notes.c
@@ -11,6 +11,7 @@
#include "refs.h"
#include "config.h"
#include "iterator.h"
+#include "signature.h"
static int find_subtree_in_current_level(
git_tree **out,
@@ -455,6 +456,10 @@ int git_note_create(
git_commit *commit = NULL;
git_tree *tree = NULL;
+ if (!git_signature__has_valid_version(author) ||
+ !git_signature__has_valid_version(committer))
+ return -1;
+
target = git_oid_allocfmt(oid);
GITERR_CHECK_ALLOC(target);
@@ -482,6 +487,10 @@ int git_note_remove(git_repository *repo, const char *notes_ref,
git_commit *commit = NULL;
git_tree *tree = NULL;
+ if (!git_signature__has_valid_version(author) ||
+ !git_signature__has_valid_version(committer))
+ return -1;
+
target = git_oid_allocfmt(oid);
GITERR_CHECK_ALLOC(target);
diff --git a/src/reflog.c b/src/reflog.c
index ac481fb..4d119ba 100644
--- a/src/reflog.c
+++ b/src/reflog.c
@@ -112,6 +112,7 @@ static int reflog_parse(git_reflog *log, const char *buf, size_t buf_size)
entry->committer = git__malloc(sizeof(git_signature));
GITERR_CHECK_ALLOC(entry->committer);
+ entry->committer->version = GIT_SIGNATURE_VERSION;
if (git_oid_fromstrn(&entry->oid_old, buf, GIT_OID_HEXSZ) < 0)
goto fail;
@@ -297,6 +298,9 @@ int git_reflog_append(git_reflog *reflog, const git_oid *new_oid,
assert(reflog && new_oid && committer);
+ if (!git_signature__has_valid_version(committer))
+ return -1;
+
if (reflog_entry_new(&entry) < 0)
return -1;
diff --git a/src/signature.c b/src/signature.c
index 0159488..008b131 100644
--- a/src/signature.c
+++ b/src/signature.c
@@ -90,6 +90,7 @@ int git_signature_new(git_signature **sig_out, const char *name, const char *ema
p = git__calloc(1, sizeof(git_signature));
GITERR_CHECK_ALLOC(p);
+ p->version = GIT_SIGNATURE_VERSION;
if (process_trimming(name, &p->name, name + strlen(name), 1) < 0 ||
process_trimming(email, &p->email, email + strlen(email), 1) < 0)
@@ -263,8 +264,9 @@ int git_signature__parse(git_signature *sig, const char **buffer_out,
const char *buffer = *buffer_out;
const char *line_end, *name_end, *email_end, *tz_start, *time_start;
int error = 0;
+ git_signature initsig = GIT_SIGNATURE_INIT;
- memset(sig, 0x0, sizeof(git_signature));
+ memmove(sig, &initsig, sizeof(git_signature));
if ((line_end = memchr(buffer, ender, buffer_end - buffer)) == NULL)
return signature_error("no newline given");
diff --git a/src/signature.h b/src/signature.h
index 97b3a05..599e199 100644
--- a/src/signature.h
+++ b/src/signature.h
@@ -15,4 +15,16 @@
int git_signature__parse(git_signature *sig, const char **buffer_out, const char *buffer_end, const char *header, char ender);
void git_signature__writebuf(git_buf *buf, const char *header, const git_signature *sig);
+GIT_INLINE(bool) git_signature__has_valid_version(const git_signature *sig)
+{
+ if (!sig)
+ return true;
+
+ if (sig->version > 0 && sig->version <= GIT_SIGNATURE_VERSION)
+ return true;
+
+ giterr_set(GITERR_INVALID, "Invalid version %d on git_signature", sig->version);
+ return false;
+}
+
#endif
diff --git a/src/stash.c b/src/stash.c
index 98c7a7c..67fa498 100644
--- a/src/stash.c
+++ b/src/stash.c
@@ -14,6 +14,7 @@
#include "git2/stash.h"
#include "git2/status.h"
#include "git2/checkout.h"
+#include "signature.h"
static int create_error(int error, const char *msg)
{
@@ -522,6 +523,9 @@ int git_stash_save(
assert(out && repo && stasher);
+ if (!git_signature__has_valid_version(stasher))
+ return -1;
+
if ((error = ensure_non_bare_repository(repo)) < 0)
return error;
diff --git a/src/tag.c b/src/tag.c
index 606afd6..fb70837 100644
--- a/src/tag.c
+++ b/src/tag.c
@@ -244,6 +244,9 @@ static int git_tag_create__internal(
assert(repo && tag_name && target);
assert(!create_tag_annotation || (tagger && message));
+ if (!git_signature__has_valid_version(tagger))
+ return -1;
+
if (git_object_owner(target) != repo) {
giterr_set(GITERR_INVALID, "The given target does not belong to this repository");
return -1;