From: Jeff King Date: Wed, 27 Sep 2017 06:17:36 +0000 (-0400) Subject: validate_headref: use get_oid_hex for detached HEADs X-Git-Tag: v2.15.0-rc0~18^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0bca165fdb57b032e505161a9450fd5e3edfd19a;p=git validate_headref: use get_oid_hex for detached HEADs If a candidate HEAD isn't a symref, we check that it contains a viable sha1. But in a post-sha1 world, we should be checking whether it has any plausible object-id. We can do that by switching to get_oid_hex(). Note that both before and after this patch, we only check for a plausible object id at the start of the file, and then call that good enough. We ignore any content _after_ the hex, so a string like: 0123456789012345678901234567890123456789 foo is accepted. Though we do put extra bytes like this into some pseudorefs (e.g., FETCH_HEAD), we don't typically do so with HEAD. We could tighten this up by using parse_oid_hex(), like: if (!parse_oid_hex(buffer, &oid, &end) && *end++ == '\n' && *end == '\0') return 0; But we're probably better to remain on the loose side. We're just checking here for a plausible-looking repository directory, so heuristics are acceptable (if we really want to be meticulous, we should use the actual ref code to parse HEAD). Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- diff --git a/path.c b/path.c index 650c66c32d..883324b10a 100644 --- a/path.c +++ b/path.c @@ -638,7 +638,7 @@ int validate_headref(const char *path) struct stat st; char buffer[256]; const char *refname; - unsigned char sha1[20]; + struct object_id oid; int fd; ssize_t len; @@ -679,7 +679,7 @@ int validate_headref(const char *path) /* * Is this a detached HEAD? */ - if (!get_sha1_hex(buffer, sha1)) + if (!get_oid_hex(buffer, &oid)) return 0; return -1;