From ce8daa1eb863c9cdefb06feae2ee7c742ea89847 Mon Sep 17 00:00:00 2001 From: Johan Herland Date: Wed, 12 Feb 2014 10:54:16 +0100 Subject: notes: disallow reusing non-blob as a note object Currently "git notes add -C $object" will read the raw bytes from $object, and then copy those bytes into the note object, which is hardcoded to be of type blob. This means that if the given $object is a non-blob (e.g. tree or commit), the raw bytes from that object is copied into a blob object. This is probably not useful, and certainly not what any sane user would expect. So disallow it, by erroring out if the $object passed to the -C option is not a blob. The fix also applies to the -c option (in which the user is prompted to edit/verify the note contents in a text editor), and also when -c/-C is passed to "git notes append" (which appends the $object contents to an existing note object). In both cases, passing a non-blob $object does not make sense. Also add a couple of tests demonstrating expected behavior. Suggested-by: Junio C Hamano Signed-off-by: Johan Herland Signed-off-by: Junio C Hamano --- builtin/notes.c | 6 +++++- t/t3301-notes.sh | 27 +++++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/builtin/notes.c b/builtin/notes.c index e4100c4982..c11d6e6dc8 100644 --- a/builtin/notes.c +++ b/builtin/notes.c @@ -269,7 +269,11 @@ static int parse_reuse_arg(const struct option *opt, const char *arg, int unset) die(_("Failed to resolve '%s' as a valid ref."), arg); if (!(buf = read_sha1_file(object, &type, &len)) || !len) { free(buf); - die(_("Failed to read object '%s'."), arg);; + die(_("Failed to read object '%s'."), arg); + } + if (type != OBJ_BLOB) { + free(buf); + die(_("Cannot read note data from non-blob object '%s'."), arg); } strbuf_add(&(msg->buf), buf, len); free(buf); diff --git a/t/t3301-notes.sh b/t/t3301-notes.sh index 16de05aff9..3bb79a47af 100755 --- a/t/t3301-notes.sh +++ b/t/t3301-notes.sh @@ -812,6 +812,33 @@ test_expect_success 'create note from non-existing note with "git notes add -C" test_must_fail git notes list HEAD ' +test_expect_success 'create note from non-blob with "git notes add -C" fails' ' + commit=$(git rev-parse --verify HEAD) && + tree=$(git rev-parse --verify HEAD:) && + test_must_fail git notes add -C $commit && + test_must_fail git notes add -C $tree && + test_must_fail git notes list HEAD +' + +cat > expect << EOF +commit 80d796defacd5db327b7a4e50099663902fbdc5c +Author: A U Thor +Date: Thu Apr 7 15:20:13 2005 -0700 + + 8th + +Notes (other): + This is a blob object +EOF + +test_expect_success 'create note from blob with "git notes add -C" reuses blob id' ' + blob=$(echo "This is a blob object" | git hash-object -w --stdin) && + git notes add -C $blob && + git log -1 > actual && + test_cmp expect actual && + test "$(git notes list HEAD)" = "$blob" +' + cat > expect << EOF commit 016e982bad97eacdbda0fcbd7ce5b0ba87c81f1b Author: A U Thor -- cgit v1.2.1