[3/6] builtin/commit-graph.c: die() with unknown '--object-dir'
diff mbox series

Message ID bff635973073f4c496213e0416483985d7a4d12e.1580424766.git.me@ttaylorr.com
State New
Headers show
  • commit-graph: use 'struct object_directory *' everywhere
Related show

Commit Message

Taylor Blau Jan. 30, 2020, 11 p.m. UTC
The commit-graph sub-commands 'write', 'verify' both take an
'--object-dir' argument, which is used to specify the location of an
object directory containing commit-graphs.

However, there was no verification that the '--object-dir' argument
was an object directory. In the case of an '--object-dir' argument that
either (1) doesn't exist, or (2) isn't an object directory, 'git
commit-graph ...' would exit silently with status zero.

This can clearly lead to unintended behavior, such as verifying
commit-graphs that aren't in a repository's own object store (or one of
its alternates), or causing a typo to mask a legitimate commit-graph
verification failure.

To remedy this, let's wrap 'find_odb()' with 'find_odb_or_die()' and
cause the above such errors to produce an error and non-zero exit code.

Signed-off-by: Taylor Blau <me@ttaylorr.com>
 Documentation/git-commit-graph.txt |  5 ++++-
 builtin/commit-graph.c             | 13 +++++++++++--
 2 files changed, 15 insertions(+), 3 deletions(-)

diff mbox series

diff --git a/Documentation/git-commit-graph.txt b/Documentation/git-commit-graph.txt
index bcd85c1976..28d1fee505 100644
--- a/Documentation/git-commit-graph.txt
+++ b/Documentation/git-commit-graph.txt
@@ -26,7 +26,10 @@  OPTIONS
 	file. This parameter exists to specify the location of an alternate
 	that only has the objects directory, not a full `.git` directory. The
 	commit-graph file is expected to be in the `<dir>/info` directory and
-	the packfiles are expected to be in `<dir>/pack`.
+	the packfiles are expected to be in `<dir>/pack`. If the directory
+	could not be made into an absolute path, or does not match any known
+	object directory, `git commit-graph ...` will exit with non-zero
+	status.
 	Turn progress on/off explicitly. If neither is specified, progress is
diff --git a/builtin/commit-graph.c b/builtin/commit-graph.c
index 3edac318e8..93ff90d73b 100644
--- a/builtin/commit-graph.c
+++ b/builtin/commit-graph.c
@@ -34,6 +34,15 @@  static struct opts_commit_graph {
 	int progress;
 } opts;
+static struct object_directory *find_odb_or_die(struct repository *r,
+						const char *obj_dir)
+	struct object_directory *odb = find_odb(r, obj_dir);
+	if (!odb)
+		die(_("could not find object directory matching %s"), obj_dir);
+	return odb;
 static int graph_verify(int argc, const char **argv)
 	struct commit_graph *graph = NULL;
@@ -78,7 +87,7 @@  static int graph_verify(int argc, const char **argv)
 		graph = load_commit_graph_one_fd_st(fd, &st);
 	else {
 		struct object_directory *odb;
-		if ((odb = find_odb(the_repository, opts.obj_dir)))
+		if ((odb = find_odb_or_die(the_repository, opts.obj_dir)))
 			graph = read_commit_graph_one(the_repository, odb);
@@ -149,7 +158,7 @@  static int graph_write(int argc, const char **argv)
 	read_replace_refs = 0;
-	odb = find_odb(the_repository, opts.obj_dir);
+	odb = find_odb_or_die(the_repository, opts.obj_dir);
 	if (opts.reachable) {
 		if (write_commit_graph_reachable(odb->path, flags, &split_opts))