object API users + docs: check <0, not !0 with check_object_signature()

Change those users of the object API that misused
check_object_signature() by assuming it returned any non-zero when the
OID didn't match the expected value to check <0 instead. In practice
all of this code worked before, but it wasn't consistent with rest of
the users of the API.

Let's also clarify what the <0 return value means in API docs.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/builtin/index-pack.c b/builtin/index-pack.c
index 01574378ce2a190a5b0daa76f10b89d4c6b371b2..416f60a98c1d1f7ede6a6d375d8807e5b1e0dd0f 100644 (file)
--- a/builtin/index-pack.c
+++ b/builtin/index-pack.c
@@ -1412,9 +1412,8 @@ static void fix_unresolved_deltas(struct hashfile *f)
                if (!data)
                        continue;
 
-               if (check_object_signature(the_repository, &d->oid,
-                                          data, size,
-                                          type_name(type), NULL))
+               if (check_object_signature(the_repository, &d->oid, data, size,
+                                          type_name(type), NULL) < 0)
                        die(_("local object %s is corrupt"), oid_to_hex(&d->oid));
 
                /*

diff --git a/builtin/mktag.c b/builtin/mktag.c
index 96a3686af531d4d37ea2789e7ff99e31cb083eb1..98d1e66f3279dc98bb294bdf5c62bcb6f6b322aa 100644 (file)
--- a/builtin/mktag.c
+++ b/builtin/mktag.c
@@ -97,7 +97,7 @@ int cmd_mktag(int argc, const char **argv, const char *prefix)
                                &tagged_oid, &tagged_type))
                die(_("tag on stdin did not pass our strict fsck check"));
 
-       if (verify_object_in_tag(&tagged_oid, &tagged_type))
+       if (verify_object_in_tag(&tagged_oid, &tagged_type) < 0)
                die(_("tag on stdin did not refer to a valid object"));
 
        if (write_object_file(buf.buf, buf.len, OBJ_TAG, &result) < 0)

diff --git a/cache.h b/cache.h
index 98d1ef085794b726be56b9eb63ecd70c4f062956..5d081952121a401e176e98f8aa6641166397d5ab 100644 (file)
--- a/cache.h
+++ b/cache.h
@@ -1324,6 +1324,9 @@ int parse_loose_header(const char *hdr, struct object_info *oi);
  * object name actually matches "oid" to detect object corruption.
  * With "buf" == NULL, try reading the object named with "oid" using
  * the streaming interface and rehash it to do the same.
+ *
+ * A negative value indicates an error, usually that the OID is not
+ * what we expected, but it might also indicate another error.
  */
 int check_object_signature(struct repository *r, const struct object_id *oid,
                           void *buf, unsigned long size, const char *type,

diff --git a/object-file.c b/object-file.c
index 44e0b32d71ad51625056f551bc27e6ed8c6928a8..d628f58c0d20789e35380b1eade24547362ea06f 100644 (file)
--- a/object-file.c
+++ b/object-file.c
@@ -2613,7 +2613,7 @@ int read_loose_object(const char *path,
                }
                if (check_object_signature(the_repository, expected_oid,
                                           *contents, *size,
-                                          oi->type_name->buf, real_oid))
+                                          oi->type_name->buf, real_oid) < 0)
                        goto out;
        }
 

diff --git a/pack-check.c b/pack-check.c
index 3f418e3a6afb8ec7a8b401dcca89d5550813748f..48d818ee7b4bf4def661b3847eb79ee11d0a5746 100644 (file)
--- a/pack-check.c
+++ b/pack-check.c
@@ -143,7 +143,7 @@ static int verify_packfile(struct repository *r,
                                    oid_to_hex(&oid), p->pack_name,
                                    (uintmax_t)entries[i].offset);
                else if (check_object_signature(r, &oid, data, size,
-                                               type_name(type), NULL))
+                                               type_name(type), NULL) < 0)
                        err = error("packed %s from %s is corrupt",
                                    oid_to_hex(&oid), p->pack_name);
                else if (fn) {