| Message ID | bc4bda3508d22038fa05c510a5ffae53b0af1ceb.1713519789.git.ps@pks.im (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show
Received: from wfhigh7-smtp.messagingengine.com
(wfhigh7-smtp.messagingengine.com [64.147.123.158])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3DBC7FBCE
for <git@vger.kernel.org>; Fri, 19 Apr 2024 09:51:47 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
arc=none smtp.client-ip=64.147.123.158
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1713520309; cv=none;
b=bvPtnC0staYz8quRzp5YeSP1mDHwwPAVYYA+qM5xtjrQZ93GU8UmoZCaX+VarJkvGijC6oRPlFfDDzBskjRSwjf9y8wLySkEzs0UAFEfEqQeeVJLUWZsJz9e7s0TlJalAEu8YhTqmSwR+/upDWLk0b+7N5HnjOq8XDjO6C+YG2Y=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1713520309; c=relaxed/simple;
bh=VorqWIQYVMZXnKL+awTu/3AWoDWOXwiXa4Iq3+348rE=;
h=Date:From:To:Subject:Message-ID:References:MIME-Version:
Content-Type:Content-Disposition:In-Reply-To;
b=KNiKVqynF+xoQbTrv4PzXR9n0+i8M4u3kt1hIhJkRfTjDIieHf6oUHaAtYPQdOReBhl8Pd0S6AQ+Q8WOxPTtjAGtr9ST34R67a0k52V7j0VWZyHutTsZ1l+ezNkCtgsD3Ju9NctWAtcF4ZudAUQwJPNYBIKl/yRIPYtTlHL7ffM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
dmarc=none (p=none dis=none) header.from=pks.im;
spf=pass smtp.mailfrom=pks.im;
dkim=pass (2048-bit key) header.d=pks.im header.i=@pks.im header.b=qFI0H7vD;
dkim=pass (2048-bit key) header.d=messagingengine.com
header.i=@messagingengine.com header.b=gPIZTzEQ;
arc=none smtp.client-ip=64.147.123.158
Authentication-Results: smtp.subspace.kernel.org;
dmarc=none (p=none dis=none) header.from=pks.im
Authentication-Results: smtp.subspace.kernel.org;
spf=pass smtp.mailfrom=pks.im
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (2048-bit key) header.d=pks.im header.i=@pks.im
header.b="qFI0H7vD";
dkim=pass (2048-bit key) header.d=messagingengine.com
header.i=@messagingengine.com header.b="gPIZTzEQ"
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
by mailfhigh.west.internal (Postfix) with ESMTP id EA164180008D
for <git@vger.kernel.org>; Fri, 19 Apr 2024 05:51:46 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute4.internal (MEProxy); Fri, 19 Apr 2024 05:51:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=cc
:content-type:content-type:date:date:from:from:in-reply-to
:in-reply-to:message-id:mime-version:references:reply-to:subject
:subject:to:to; s=fm3; t=1713520306; x=1713606706; bh=OSEIt4xkbg
DRrJncCAIen+6gxaNbOxF7JrkRRQY91So=; b=qFI0H7vDASvdnsUyqlbO06KhkO
AyJ58EmqphrFrgZqhRw9nQ8PKAfgBICRV9la+7r35dsOpCYHJMoFUeiWRN3aLCPs
hjYz7DLN1Nie7PlwlHKINfR1EFkKvBat1a609xO5R3Ch+Lo36b/f2Qtka0E+VWD+
IxBOPFLZrJjFsXHEoe9nO46isUaQ8kT0BzmZJ0aWOBf/wocMMC70Xkp/7/3TKkQt
/bXdSYVEkTszOpLVgz7+LAKGR2Ez4DVly67/1IHZM9AyuYid0/ZKEmdcrHfZSDdn
kV+z+8ySraXCF7cDrMVnYl66jlhoX1MOJ/YvgdcPHomQ18fgCpau5ASmeWxQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:content-type:content-type:date:date
:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
:message-id:mime-version:references:reply-to:subject:subject:to
:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
fm3; t=1713520306; x=1713606706; bh=OSEIt4xkbgDRrJncCAIen+6gxaNb
OxF7JrkRRQY91So=; b=gPIZTzEQjdfl2SrJCGizaaG/7IChwj6Y2UzJ2fgLqk8a
v5xVWIkuBFhgRITagZA7TKJ0bbr88YEQs3+gLrLjT3tasW4i5+fimdEGPvh36gAt
G04Q4s/Fn5Ws52BmFhOJG7YlIpVa7FwAlWAUHxhcefkM83cpFHWESo7MgJ+d30yq
ozeWctt7map6uaABZxn3auZ95MeWIH4iceKZDCUpzGUxEvucy2REnfPTyTpaFSdn
vPU5dUjM4tbZ4gEsX0Y6tJKm7FrNKBtFU4bIzHuSuO4GVslSUKiU+dRIZTEx/+vV
joMGfS45+zsPHv7o5/EOSAGUEmhtV7WRYMKkk5J08A==
X-ME-Sender: <xms:sj4iZpqd8oZCFVAIKh0Fn1oXmnAQSec_RpN0_I2PFLtzx-42BSiX-w>
<xme:sj4iZrqS04zSex21uMoHceA-jXF9hoOOS9OmidOTdY0akW5hjM6mctcsEOPj-As9b
9nLqkRpOiOMoqdEfQ>
X-ME-Received:
<xmr:sj4iZmPtwJJoR7-OV19pu8QKFP-z8WpATG1POf3VluDbcCzrQj-o1eFE1nCdPLbQ_HFeJiY3M-ZJ_XfFg4phLV8zGYrU_--d1tAvyL4L_XEL4INRAQ>
X-ME-Proxy-Cause:
gggruggvucftvghtrhhoucdtuddrgedvledrudekvddgvdduucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesghdtre
ertddtvdenucfhrhhomheprfgrthhrihgtkhcuufhtvghinhhhrghrughtuceophhssehp
khhsrdhimheqnecuggftrfgrthhtvghrnhepheeghfdtfeeuffehkefgffduleffjedthf
dvjeektdfhhedvlefgtefgvdettdfhnecuvehluhhsthgvrhfuihiivgepudenucfrrghr
rghmpehmrghilhhfrhhomhepphhssehpkhhsrdhimh
X-ME-Proxy: <xmx:sj4iZk5xk8dv_xc3Nmlbbb_75wewQodtNB5JHVImkDV-2ulvtiDNQA>
<xmx:sj4iZo4Wv8WPXIYKh5JCwLoVAQvuwRiJCoo3VUWomLXnA6ZStkrsDA>
<xmx:sj4iZsjKblDmnDpgtQnDLXfLy9FD33ElMObWj7_emulabilrQjlXxA>
<xmx:sj4iZq6YWZzAlSQ4VgyCR-_SVgWfBqpZT3YckbS1UNAuYbyxtk8_Cw>
<xmx:sj4iZmQY_jrDTHJvKxG3po8OxmY3HgZ-DjkC_mxw0ZqUMchvPi15hrLw>
Feedback-ID: i197146af:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for
<git@vger.kernel.org>; Fri, 19 Apr 2024 05:51:45 -0400 (EDT)
Received:
by localhost (OpenSMTPD) with ESMTPSA id fe14caa2
(TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO)
for <git@vger.kernel.org>;
Fri, 19 Apr 2024 09:51:19 +0000 (UTC)
Date: Fri, 19 Apr 2024 11:51:43 +0200
From: Patrick Steinhardt <ps@pks.im>
To: git@vger.kernel.org
Subject: [PATCH 08/11] builtin/bundle: abort "verify" early when there is no
repository
Message-ID:
<bc4bda3508d22038fa05c510a5ffae53b0af1ceb.1713519789.git.ps@pks.im>
References: <cover.1713519789.git.ps@pks.im>
Precedence: bulk
X-Mailing-List: git@vger.kernel.org
List-Id: <git.vger.kernel.org>
List-Subscribe: <mailto:git+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:git+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="O41lVS/WsHYRgPxn"
Content-Disposition: inline
In-Reply-To: <cover.1713519789.git.ps@pks.im>
|
| Series |
Stop relying on SHA1 fallback for `the_hash_algo`
|
expand
|
diff --git a/builtin/bundle.c b/builtin/bundle.c index 3ad11dc5d0..d5d41a8f67 100644 --- a/builtin/bundle.c +++ b/builtin/bundle.c @@ -140,6 +140,11 @@ static int cmd_bundle_verify(int argc, const char **argv, const char *prefix) { builtin_bundle_verify_usage, options, &bundle_file); /* bundle internals use argv[1] as further parameters */ + if (!startup_info->have_repository) { + ret = error(_("need a repository to verify a bundle")); + goto cleanup; + } + if ((bundle_fd = open_bundle(bundle_file, &header, &name)) < 0) { ret = 1; goto cleanup;
Verifying a bundle requires us to have a repository. This is encoded in `verify_bundle()`, which will return an error if there is no repository. We call `open_bundle()` before we call `verify_bundle()` though, which already performs some verifications even though we may ultimately abort due to a missing repository. This is problematic because `open_bundle()` already reads the bundle header and verifies that it contains a properly formatted hash. When there is no repository we have no clue what hash function to expect though, so we always end up assuming SHA1 here, which may or may not be correct. Furthermore, we are about to stop initializing `the_hash_algo` when there is no repository, which will lead to segfaults. Check early on whether we have a repository to fix this issue. Signed-off-by: Patrick Steinhardt <ps@pks.im> --- builtin/bundle.c | 5 +++++ 1 file changed, 5 insertions(+)