Warnings that default to being errorsrb/warnings-for-commit-headers

This is a try at extending the warning API to include warnings
that would be errors unless the user callback decides to demote
them to warnings.  This allows for relaxed parsing logic that will
default to strict behavior but can continue if possible.

1 files changed, 30 insertions, 9 deletions

diff --git a/src/signature.c b/src/signature.c
index a513b0e65..a57d9c4ac 100644
--- a/src/signature.c
+++ b/src/signature.c
@@ -177,17 +177,38 @@ int git_signature__parse(
 	}
 
 	email_start = git__memrchr(buffer, '<', buffer_end - buffer);
-	email_end = git__memrchr(buffer, '>', buffer_end - buffer);
-
-	if (!email_start || !email_end || email_end <= email_start)
-		return signature_error("malformed e-mail");
+	if (!email_start) {
+		if (git_warn_invalid_data(
+				GIT_WARNING_INVALID_DATA__SIGNATURE_EMAIL_MISSING, -1,
+				buffer, (int)(buffer_end - buffer),
+				"missing signature %semail", header) < 0)
+			return signature_error("missing e-mail");
+
+		/* just stop now with everything as name */
+		sig->name = extract_trimmed(buffer, buffer_end - buffer);
+		sig->email = git__strdup("");
+		*buffer_out = buffer_end + 1;
+		return 0;
+	}
 
+	sig->name = extract_trimmed(buffer, email_start - buffer);
 	email_start += 1;
-	sig->name = extract_trimmed(buffer, email_start - buffer - 1);
-	sig->email = extract_trimmed(email_start, email_end - email_start);
+
+	email_end = git__memrchr(email_start, '>', buffer_end - email_start);
+	if (!email_end) {
+		if (git_warn_invalid_data(
+				GIT_WARNING_INVALID_DATA__SIGNATURE_EMAIL_UNTERMINATED, -1,
+				email_start, (int)(buffer_end - email_start),
+				"unterminated signature %semail", header) < 0)
+			return signature_error("malformed e-mail");
+
+		sig->email = extract_trimmed(email_start, buffer_end - email_start);
+	} else {
+		sig->email = extract_trimmed(email_start, email_end - email_start);
+	}
 
 	/* Do we even have a time at the end of the signature? */
-	if (email_end + 2 < buffer_end) {
+	if (email_end != NULL && email_end + 2 < buffer_end) {
 		const char *time_start = email_end + 2;
 		const char *time_end;
 
@@ -200,7 +221,7 @@ int git_signature__parse(
 
 			/* warn (and return error if requested) */
 			if (git_warn_invalid_data(
-					GIT_WARNING_INVALID_DATA__SIGNATURE_TIMESTAMP,
+					GIT_WARNING_INVALID_DATA__SIGNATURE_TIMESTAMP, 0,
 					time_start, (int)(time_end - time_start),
 					"invalid signature %stimestamp", header) < 0)
 				return signature_error("invalid Unix timestamp");
@@ -224,7 +245,7 @@ int git_signature__parse(
 
 				/* warn (and return error if requested) */
 				if (git_warn_invalid_data(
-						GIT_WARNING_INVALID_DATA__SIGNATURE_TIMEZONE,
+						GIT_WARNING_INVALID_DATA__SIGNATURE_TIMEZONE, 0,
 						tz_start, (int)(tz_end - tz_start),
 						"invalid timezone in signature %s", header) < 0)
 					return signature_error("invalid timezone");