Merge branch 'rj/submodule-fsck-skip'

"fsck.skipList" did not prevent a blob object listed there from
being inspected for is contents (e.g. we recently started to
inspect the contents of ".gitmodules" for certain malicious
patterns), which has been corrected.

* rj/submodule-fsck-skip:
fsck: check skiplist for object in fsck_blob()

diff --git a/fsck.c b/fsck.c
index 4dfe65f715467cb31dab418af658968e491a9645..ae4b1f3c09710eff4cfeb4be6e9b9d0488a2d249 100644 (file)
--- a/fsck.c
+++ b/fsck.c
@@ -316,6 +316,13 @@ static void append_msg_id(struct strbuf *sb, const char *msg_id)
        strbuf_addstr(sb, ": ");
 }
 
+static int object_on_skiplist(struct fsck_options *opts, struct object *obj)
+{
+       if (opts && opts->skiplist && obj)
+               return oid_array_lookup(opts->skiplist, &obj->oid) >= 0;
+       return 0;
+}
+
 __attribute__((format (printf, 4, 5)))
 static int report(struct fsck_options *options, struct object *object,
        enum fsck_msg_id id, const char *fmt, ...)
@@ -327,8 +334,7 @@ static int report(struct fsck_options *options, struct object *object,
        if (msg_type == FSCK_IGNORE)
                return 0;
 
-       if (options->skiplist && object &&
-                       oid_array_lookup(options->skiplist, &object->oid) >= 0)
+       if (object_on_skiplist(options, object))
                return 0;
 
        if (msg_type == FSCK_FATAL)
@@ -998,6 +1004,9 @@ static int fsck_blob(struct blob *blob, const char *buf,
                return 0;
        oidset_insert(&gitmodules_done, &blob->object.oid);
 
+       if (object_on_skiplist(options, &blob->object))
+               return 0;
+
        if (!buf) {
                /*
                 * A missing buffer here is a sign that the caller found the