Re: [PATCH 2/5] gpg-interface: improve interface for parsing tags

From: Junio C Hamano <gitster@pobox.com>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: <git@vger.kernel.org>, Eric Sunshine <sunshine@sunshineco.com>,
	Denton Liu <liu.denton@gmail.com>, Jeff King <peff@peff.net>
Subject: Re: [PATCH 2/5] gpg-interface: improve interface for parsing tags
Date: Mon, 11 Jan 2021 20:58:57 -0800	[thread overview]
Message-ID: <xmqqbldu699q.fsf@gitster.c.googlers.com> (raw)
In-Reply-To: <20210111003740.1319996-3-sandals@crustytoothpaste.net> (brian m. carlson's message of "Mon, 11 Jan 2021 00:37:35 +0000")

"brian m. carlson" <sandals@crustytoothpaste.net> writes:

> diff --git a/ref-filter.c b/ref-filter.c
> index aa260bfd09..8d8baec1b5 100644
> --- a/ref-filter.c
> +++ b/ref-filter.c
> @@ -1215,7 +1215,13 @@ static void find_subpos(const char *buf,
>  			unsigned long *nonsiglen,
>  			const char **sig, unsigned long *siglen)
>  {
> +	struct strbuf payload = STRBUF_INIT;
> +	struct strbuf signature = STRBUF_INIT;
>  	const char *eol;
> +	const char *end = buf + strlen(buf);
> +	const char *sigstart;
> +
> +
>  	/* skip past header until we hit empty line */
>  	while (*buf && *buf != '\n') {
>  		eol = strchrnul(buf, '\n');
> @@ -1228,14 +1234,15 @@ static void find_subpos(const char *buf,
>  		buf++;
>  
>  	/* parse signature first; we might not even have a subject line */
> -	*sig = buf + parse_signature(buf, strlen(buf));
> -	*siglen = strlen(*sig);
> +	parse_signature(buf, end - buf, &payload, &signature);
> +	*sig = strbuf_detach(&signature, siglen);

"unsigned long *siglen" may not be the same as "size_t *siglen", and
the latter is what strbuf_detach() expects to see.  This breaks
32-bit builds e.g. [*1*].

I suspect that all these ${foo}len, including the parameter to this
function but also the four local variables in its sole caller, would
want to become size_t.

Thanks.

[Reference]

*1* https://github.com/git/git/runs/1685453231?check_suite_focus=true#step:5:519