Andrew's git / gitweb.git / blobdiff
?
wt-status.h: drop stdio.h include
[gitweb.git] / builtin / get-tar-commit-id.c
diff --git a/builtin/get-tar-commit-id.c b/builtin/get-tar-commit-id.c
index 2706fcfaf2261e2ac2eaff5a054d0dd7a9291c0b..491af9202dc937339db83980e2bf96de6ff81646 100644 (file)
--- a/builtin/get-tar-commit-id.c
+++ b/builtin/get-tar-commit-id.c
@@ -21,6 +21,8 @@ int cmd_get_tar_commit_id(int argc, const char **argv, const char *prefix)
        char *content = buffer + RECORDSIZE;
        const char *comment;
        ssize_t n;
+       long len;
+       char *end;
 
        if (argc != 1)
                usage(builtin_get_tar_commit_id_usage);
@@ -32,10 +34,18 @@ int cmd_get_tar_commit_id(int argc, const char **argv, const char *prefix)
                die_errno("git get-tar-commit-id: EOF before reading tar header");
        if (header->typeflag[0] != 'g')
                return 1;
-       if (!skip_prefix(content, "52 comment=", &comment))
+
+       len = strtol(content, &end, 10);
+       if (errno == ERANGE || end == content || len < 0)
+               return 1;
+       if (!skip_prefix(end, " comment=", &comment))
+               return 1;
+       len -= comment - content;
+       if (len < 1 || !(len % 2) ||
+           hash_algo_by_length((len - 1) / 2) == GIT_HASH_UNKNOWN)
                return 1;
 
-       if (write_in_full(1, comment, 41) < 0)
+       if (write_in_full(1, comment, len) < 0)
                die_errno("git get-tar-commit-id: write error");
 
        return 0;