Avoid accessing non-tag refs in git-describe unless --all is requested
[gitweb.git] / builtin-show-ref.c
index 296070628c0d631ea5af1124415ce71e71c11c08..a323633e296cef1797ab1d218cea83c891bc3b8d 100644 (file)
@@ -1,10 +1,11 @@
+#include "builtin.h"
 #include "cache.h"
 #include "refs.h"
 #include "object.h"
 #include "tag.h"
 #include "path-list.h"
 
-static const char show_ref_usage[] = "git show-ref [-q|--quiet] [--verify] [-h|--head] [-d|--dereference] [-s|--hash[=<length>]] [--abbrev[=<length>]] [--tags] [--heads] [--] [pattern*] | --filter-invalid < ref-list";
+static const char show_ref_usage[] = "git show-ref [-q|--quiet] [--verify] [-h|--head] [-d|--dereference] [-s|--hash[=<length>]] [--abbrev[=<length>]] [--tags] [--heads] [--] [pattern*] < ref-list";
 
 static int deref_tags = 0, show_head = 0, tags_only = 0, heads_only = 0,
        found_match = 0, verify = 0, quiet = 0, hash_only = 0, abbrev = 0;
@@ -28,8 +29,8 @@ static int show_ref(const char *refname, const unsigned char *sha1, int flag, vo
        if (tags_only || heads_only) {
                int match;
 
-               match = heads_only && !strncmp(refname, "refs/heads/", 11);
-               match |= tags_only && !strncmp(refname, "refs/tags/", 10);
+               match = heads_only && !prefixcmp(refname, "refs/heads/");
+               match |= tags_only && !prefixcmp(refname, "refs/tags/");
                if (!match)
                        return 0;
        }
@@ -85,6 +86,9 @@ static int show_ref(const char *refname, const unsigned char *sha1, int flag, vo
                            sha1_to_hex(sha1));
                if (obj->type == OBJ_TAG) {
                        obj = deref_tag(obj, refname, 0);
+                       if (!obj)
+                               die("git-show-ref: bad tag at ref %s (%s)", refname,
+                                   sha1_to_hex(sha1));
                        hex = find_unique_abbrev(obj->sha1, abbrev);
                        printf("%s %s^{}\n", hex, refname);
                }
@@ -116,11 +120,12 @@ static int exclude_existing(const char *match)
 
        for_each_ref(add_existing, &existing_refs);
        while (fgets(buf, sizeof(buf), stdin)) {
-               int len = strlen(buf);
                char *ref;
+               int len = strlen(buf);
+
                if (len > 0 && buf[len - 1] == '\n')
                        buf[--len] = '\0';
-               if (!strcmp(buf + len - 3, "^{}")) {
+               if (3 <= len && !strcmp(buf + len - 3, "^{}")) {
                        len -= 3;
                        buf[len] = '\0';
                }
@@ -177,8 +182,8 @@ int cmd_show_ref(int argc, const char **argv, const char *prefix)
                        hash_only = 1;
                        continue;
                }
-               if (!strncmp(arg, "--hash=", 7) ||
-                   (!strncmp(arg, "--abbrev", 8) &&
+               if (!prefixcmp(arg, "--hash=") ||
+                   (!prefixcmp(arg, "--abbrev") &&
                     (arg[8] == '=' || arg[8] == '\0'))) {
                        if (arg[2] != 'h' && !arg[8])
                                /* --abbrev only */
@@ -214,16 +219,18 @@ int cmd_show_ref(int argc, const char **argv, const char *prefix)
                }
                if (!strcmp(arg, "--exclude-existing"))
                        return exclude_existing(NULL);
-               if (!strncmp(arg, "--exclude-existing=", 19))
+               if (!prefixcmp(arg, "--exclude-existing="))
                        return exclude_existing(arg + 19);
                usage(show_ref_usage);
        }
 
        if (verify) {
-               unsigned char sha1[20];
-
+               if (!pattern)
+                       die("--verify requires a reference");
                while (*pattern) {
-                       if (!strncmp(*pattern, "refs/", 5) &&
+                       unsigned char sha1[20];
+
+                       if (!prefixcmp(*pattern, "refs/") &&
                            resolve_ref(*pattern, sha1, 1, NULL)) {
                                if (!quiet)
                                        show_one(*pattern, sha1);