Merge pull request #4122 from pks-t/pks/signature-dbl-free Signature cleanups
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76
diff --git a/include/git2/commit.h b/include/git2/commit.h
index 4cc6374..692b3bd 100644
--- a/include/git2/commit.h
+++ b/include/git2/commit.h
@@ -255,7 +255,8 @@ GIT_EXTERN(int) git_commit_nth_gen_ancestor(
/**
* Get an arbitrary header field
*
- * @param out the buffer to fill
+ * @param out the buffer to fill; existing content will be
+ * overwritten
* @param commit the commit to look in
* @param field the header field to return
* @return 0 on succeess, GIT_ENOTFOUND if the field does not exist,
@@ -270,8 +271,10 @@ GIT_EXTERN(int) git_commit_header_field(git_buf *out, const git_commit *commit,
* `GITERR_INVALID`. If the commit does not have a signature, the
* error class will be `GITERR_OBJECT`.
*
- * @param signature the signature block
- * @param signed_data signed data; this is the commit contents minus the signature block
+ * @param signature the signature block; existing content will be
+ * overwritten
+ * @param signed_data signed data; this is the commit contents minus the signature block;
+ * existing content will be overwritten
* @param repo the repository in which the commit exists
* @param commit_id the commit from which to extract the data
* @param field the name of the header field containing the signature
diff --git a/src/buffer.h b/src/buffer.h
index cdfca6d..a76b2d7 100644
--- a/src/buffer.h
+++ b/src/buffer.h
@@ -66,7 +66,8 @@ extern int git_buf_try_grow(
* library, when providing git_buf's, may wish to provide a NULL ptr for
* ease of handling. The buffer routines, however, expect a non-NULL ptr
* always. This helper method simply handles NULL input, converting to a
- * git_buf__initbuf.
+ * git_buf__initbuf. If a buffer with a non-NULL ptr is passed in, this method
+ * assures that the buffer is '\0'-terminated.
*/
extern void git_buf_sanitize(git_buf *buf);
diff --git a/src/commit.c b/src/commit.c
index 87ab2ab..05b70a9 100644
--- a/src/commit.c
+++ b/src/commit.c
@@ -642,7 +642,7 @@ int git_commit_header_field(git_buf *out, const git_commit *commit, const char *
{
const char *eol, *buf = commit->raw_header;
- git_buf_sanitize(out);
+ git_buf_clear(out);
while ((eol = strchr(buf, '\n'))) {
/* We can skip continuations here */
@@ -706,8 +706,8 @@ int git_commit_extract_signature(git_buf *signature, git_buf *signed_data, git_r
const char *h, *eol;
int error;
- git_buf_sanitize(signature);
- git_buf_sanitize(signed_data);
+ git_buf_clear(signature);
+ git_buf_clear(signed_data);
if (!field)
field = "gpgsig";
@@ -766,8 +766,9 @@ int git_commit_extract_signature(git_buf *signature, git_buf *signed_data, git_r
if (git_buf_oom(signature))
goto oom;
+ error = git_buf_puts(signed_data, eol+1);
git_odb_object_free(obj);
- return git_buf_puts(signed_data, eol+1);
+ return error;
}
giterr_set(GITERR_OBJECT, "this commit is not signed");