Fix numerous and mostly long-standing segfaults in consumers of
the *_config_*value_multi() API. As discussed in the preceding commit
an empty key in the config syntax yields a "NULL" string, which these
users would give to strcmp() (or similar), resulting in segfaults.
As this change shows, most users users of the *_config_*value_multi()
API didn't really want such an an unsafe and low-level API, let's give
them something with the safety of git_config_get_string() instead.
This fix is similar to what the *_string() functions and others
acquired in[1] and [2]. Namely introducing and using a safer
"*_get_string_multi()" variant of the low-level "_*value_multi()"
function.
This fixes segfaults in code introduced in:
-
d811c8e17c6 (versionsort: support reorder prerelease suffixes, 2015-02-26)
-
c026557a373 (versioncmp: generalize version sort suffix reordering, 2016-12-08)
-
a086f921a72 (submodule: decouple url and submodule interest, 2017-03-17)
-
a6be5e6764a (log: add log.excludeDecoration config option, 2020-04-16)
-
92156291ca8 (log: add default decoration filter, 2022-08-05)
-
50a044f1e40 (gc: replace config subprocesses with API calls, 2022-09-27)
There are now two users ofthe low-level API:
- One in "builtin/for-each-repo.c", which we'll convert in a
subsequent commit.
- The "t/helper/test-config.c" code added in [3].
As seen in the preceding commit we need to give the
"t/helper/test-config.c" caller these "NULL" entries.
We could also alter the underlying git_configset_get_value_multi()
function to be "string safe", but doing so would leave no room for
other variants of "*_get_value_multi()" that coerce to other types.
Such coercion can't be built on the string version, since as we've
established "NULL" is a true value in the boolean context, but if we
coerced it to "" for use in a list of strings it'll be subsequently
coerced to "false" as a boolean.
The callback pattern being used here will make it easy to introduce
e.g. a "multi" variant which coerces its values to "bool", "int",
"path" etc.
1.
40ea4ed9032 (Add config_error_nonbool() helper function,
2008-02-11)
2.
6c47d0e8f39 (config.c: guard config parser from value=NULL,
2008-02-11).
3.
4c715ebb96a (test-config: add tests for the config_set API,
2014-07-28)
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
if (git_config_get("maintenance.strategy"))
git_config_set("maintenance.strategy", "incremental");
- if (!git_config_get_value_multi(key, &list)) {
+ if (!git_config_get_string_multi(key, &list)) {
for_each_string_list_item(item, list) {
if (!strcmp(maintpath, item->string)) {
found = 1;
git_configset_add_file(&cs, config_file);
}
if (!(config_file
- ? git_configset_get_value_multi(&cs, key, &list)
- : git_config_get_value_multi(key, &list))) {
+ ? git_configset_get_string_multi(&cs, key, &list)
+ : git_config_get_string_multi(key, &list))) {
for_each_string_list_item(item, list) {
if (!strcmp(maintpath, item->string)) {
found = 1;
struct string_list *include = decoration_filter->include_ref_pattern;
const struct string_list *config_exclude;
- if (!git_config_get_value_multi("log.excludeDecoration",
- &config_exclude)) {
+ if (!git_config_get_string_multi("log.excludeDecoration",
+ &config_exclude)) {
struct string_list_item *item;
for_each_string_list_item(item, config_exclude)
string_list_append(decoration_filter->exclude_ref_config_pattern,
return 0;
}
+static int check_multi_string(struct string_list_item *item, void *util)
+{
+ return item->string ? 0 : config_error_nonbool(util);
+}
+
+int git_configset_get_string_multi(struct config_set *cs, const char *key,
+ const struct string_list **dest)
+{
+ int ret;
+
+ if ((ret = git_configset_get_value_multi(cs, key, dest)))
+ return ret;
+ if ((ret = for_each_string_list((struct string_list *)*dest,
+ check_multi_string, (void *)key)))
+ return ret;
+
+ return 0;
+}
+
int git_configset_get(struct config_set *cs, const char *key)
{
struct config_set_element *e;
return git_configset_get_value_multi(repo->config, key, dest);
}
+int repo_config_get_string_multi(struct repository *repo, const char *key,
+ const struct string_list **dest)
+{
+ git_config_check_init(repo);
+ return git_configset_get_string_multi(repo->config, key, dest);
+}
+
int repo_config_get_string(struct repository *repo,
const char *key, char **dest)
{
return repo_config_get_value_multi(the_repository, key, dest);
}
+int git_config_get_string_multi(const char *key,
+ const struct string_list **dest)
+{
+ return repo_config_get_string_multi(the_repository, key, dest);
+}
+
int git_config_get_string(const char *key, char **dest)
{
return repo_config_get_string(the_repository, key, dest);
int git_configset_get_value_multi(struct config_set *cs, const char *key,
const struct string_list **dest);
+/**
+ * A validation wrapper for git_configset_get_value_multi() which does
+ * for it what git_configset_get_string() does for
+ * git_configset_get_value().
+ *
+ * The configuration syntax allows for "[section] key", which will
+ * give us a NULL entry in the "struct string_list", as opposed to
+ * "[section] key =" which is the empty string. Most users of the API
+ * are not prepared to handle NULL in a "struct string_list".
+ */
+int git_configset_get_string_multi(struct config_set *cs, const char *key,
+ const struct string_list **dest);
+
/**
* Clears `config_set` structure, removes all saved variable-value pairs.
*/
RESULT_MUST_BE_USED
int repo_config_get_value_multi(struct repository *repo, const char *key,
const struct string_list **dest);
+RESULT_MUST_BE_USED
+int repo_config_get_string_multi(struct repository *repo, const char *key,
+ const struct string_list **dest);
int repo_config_get_string(struct repository *repo,
const char *key, char **dest);
int repo_config_get_string_tmp(struct repository *repo,
RESULT_MUST_BE_USED
int git_config_get_value_multi(const char *key,
const struct string_list **dest);
+RESULT_MUST_BE_USED
+int git_config_get_string_multi(const char *key,
+ const struct string_list **dest);
/**
* Resets and invalidates the config cache.
{
const struct string_list *dest;
- if (!repo_config_get_value_multi(r, "pack.preferbitmaptips", &dest))
+ if (!repo_config_get_string_multi(r, "pack.preferbitmaptips", &dest))
return dest;
return NULL;
}
free(key);
/* submodule.active is set */
- if (!repo_config_get_value_multi(repo, "submodule.active", &sl)) {
+ if (!repo_config_get_string_multi(repo, "submodule.active", &sl)) {
struct pathspec ps;
struct strvec args = STRVEC_INIT;
const struct string_list_item *item;
'
-test_expect_failure 'parse log.excludeDecoration with no value' '
+test_expect_success 'parse log.excludeDecoration with no value' '
cp .git/config .git/config.orig &&
test_when_finished mv .git/config.orig .git/config &&
[log]
excludeDecoration
EOF
- git log --decorate=short
+ cat >expect <<-\EOF &&
+ error: missing value for '\''log.excludeDecoration'\''
+ EOF
+ git log --decorate=short 2>actual &&
+ test_cmp expect actual
'
test_expect_success 'decorate-refs with glob' '
)
'
- test_expect_failure 'pack.preferBitmapTips' '
+ test_expect_success 'pack.preferBitmapTips' '
git init repo &&
test_when_finished "rm -rf repo" &&
(
[pack]
preferBitmapTips
EOF
- git repack -adb
+ cat >expect <<-\EOF &&
+ error: missing value for '\''pack.preferbitmaptips'\''
+ EOF
+ git repack -adb 2>actual &&
+ test_cmp expect actual
)
'
test_must_fail git tag -l "foo*"
'
-test_expect_failure 'version sort handles empty value for versionsort.{prereleaseSuffix,suffix}' '
+test_expect_success 'version sort handles empty value for versionsort.{prereleaseSuffix,suffix}' '
cp .git/config .git/config.orig &&
test_when_finished mv .git/config.orig .git/config &&
prereleaseSuffix
suffix
EOF
- git tag -l --sort=version:refname
+ cat >expect <<-\EOF &&
+ error: missing value for '\''versionsort.suffix'\''
+ error: missing value for '\''versionsort.prereleasesuffix'\''
+ EOF
+ git tag -l --sort=version:refname 2>actual &&
+ test_cmp expect actual
'
test_expect_success 'version sort with prerelease reordering' '
test-tool -C super submodule is-active sub1
'
-test_expect_failure 'is-active handles submodule.active config missing a value' '
+test_expect_success 'is-active handles submodule.active config missing a value' '
cp super/.git/config super/.git/config.orig &&
test_when_finished mv super/.git/config.orig super/.git/config &&
active
EOF
- test-tool -C super submodule is-active sub1
+ cat >expect <<-\EOF &&
+ error: missing value for '\''submodule.active'\''
+ EOF
+ test-tool -C super submodule is-active sub1 2>actual &&
+ test_cmp expect actual
'
test_expect_success 'is-active works with basic submodule.active config' '
git maintenance unregister --config-file ./other --force
'
-test_expect_failure 'register with no value for maintenance.repo' '
+test_expect_success 'register with no value for maintenance.repo' '
cp .git/config .git/config.orig &&
test_when_finished mv .git/config.orig .git/config &&
[maintenance]
repo
EOF
- git maintenance register
+ cat >expect <<-\EOF &&
+ error: missing value for '\''maintenance.repo'\''
+ EOF
+ git maintenance register 2>actual &&
+ test_cmp expect actual &&
+ git config maintenance.repo
'
-test_expect_failure 'unregister with no value for maintenance.repo' '
+test_expect_success 'unregister with no value for maintenance.repo' '
cp .git/config .git/config.orig &&
test_when_finished mv .git/config.orig .git/config &&
[maintenance]
repo
EOF
- git maintenance unregister &&
- git maintenance unregister --force
+ cat >expect <<-\EOF &&
+ error: missing value for '\''maintenance.repo'\''
+ EOF
+ test_expect_code 128 git maintenance unregister 2>actual.raw &&
+ grep ^error actual.raw >actual &&
+ test_cmp expect actual &&
+ git config maintenance.repo &&
+
+ git maintenance unregister --force 2>actual.raw &&
+ grep ^error actual.raw >actual &&
+ test_cmp expect actual &&
+ git config maintenance.repo
'
test_expect_success !MINGW 'register and unregister with regex metacharacters' '
const char *const oldk = "versionsort.prereleasesuffix";
const struct string_list *newl;
const struct string_list *oldl;
- int new = git_config_get_value_multi(newk, &newl);
- int old = git_config_get_value_multi(oldk, &oldl);
+ int new = git_config_get_string_multi(newk, &newl);
+ int old = git_config_get_string_multi(oldk, &oldl);
if (!new && !old)
warning("ignoring %s because %s is set", oldk, newk);
projects / thirdparty / git.git / commitdiff
