search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'ps/worktree-refdb-initialization'
[git/gitster.git] / fsck.c
blob1ad02fcdfabea74dc7f3d1c214400516d327a421
1 #include "git-compat-util.h"
2 #include "date.h"
3 #include "dir.h"
4 #include "hex.h"
5 #include "object-store-ll.h"
6 #include "path.h"
7 #include "repository.h"
8 #include "object.h"
9 #include "attr.h"
10 #include "blob.h"
11 #include "tree.h"
12 #include "tree-walk.h"
13 #include "commit.h"
14 #include "tag.h"
15 #include "fsck.h"
16 #include "refs.h"
17 #include "url.h"
18 #include "utf8.h"
19 #include "oidset.h"
20 #include "packfile.h"
21 #include "submodule-config.h"
22 #include "config.h"
23 #include "credential.h"
24 #include "help.h"
25
26 static ssize_t max_tree_entry_len = 4096;
27
28 #define STR(x) #x
29 #define MSG_ID(id, msg_type) { STR(id), NULL, NULL, FSCK_##msg_type },
30 static struct {
31 const char *id_string;
32 const char *downcased;
33 const char *camelcased;
34 enum fsck_msg_type msg_type;
35 } msg_id_info[FSCK_MSG_MAX + 1] = {
36 FOREACH_FSCK_MSG_ID(MSG_ID)
37 { NULL, NULL, NULL, -1 }
38 };
39 #undef MSG_ID
40 #undef STR
41
42 static void prepare_msg_ids(void)
43 {
44 int i;
45
46 if (msg_id_info[0].downcased)
47 return;
48
49 /* convert id_string to lower case, without underscores. */
50 for (i = 0; i < FSCK_MSG_MAX; i++) {
51 const char *p = msg_id_info[i].id_string;
52 int len = strlen(p);
53 char *q = xmalloc(len);
54
55 msg_id_info[i].downcased = q;
56 while (*p)
57 if (*p == '_')
58 p++;
59 else
60 *(q)++ = tolower(*(p)++);
61 *q = '\0';
62
63 p = msg_id_info[i].id_string;
64 q = xmalloc(len);
65 msg_id_info[i].camelcased = q;
66 while (*p) {
67 if (*p == '_') {
68 p++;
69 if (*p)
70 *q++ = *p++;
71 } else {
72 *q++ = tolower(*p++);
73 }
74 }
75 *q = '\0';
76 }
77 }
78
79 static int parse_msg_id(const char *text)
80 {
81 int i;
82
83 prepare_msg_ids();
84
85 for (i = 0; i < FSCK_MSG_MAX; i++)
86 if (!strcmp(text, msg_id_info[i].downcased))
87 return i;
88
89 return -1;
90 }
91
92 void list_config_fsck_msg_ids(struct string_list *list, const char *prefix)
93 {
94 int i;
95
96 prepare_msg_ids();
97
98 for (i = 0; i < FSCK_MSG_MAX; i++)
99 list_config_item(list, prefix, msg_id_info[i].camelcased);
100 }
101
102 static enum fsck_msg_type fsck_msg_type(enum fsck_msg_id msg_id,
103 struct fsck_options *options)
104 {
105 assert(msg_id >= 0 && msg_id < FSCK_MSG_MAX);
106
107 if (!options->msg_type) {
108 enum fsck_msg_type msg_type = msg_id_info[msg_id].msg_type;
109
110 if (options->strict && msg_type == FSCK_WARN)
111 msg_type = FSCK_ERROR;
112 return msg_type;
113 }
114
115 return options->msg_type[msg_id];
116 }
117
118 static enum fsck_msg_type parse_msg_type(const char *str)
119 {
120 if (!strcmp(str, "error"))
121 return FSCK_ERROR;
122 else if (!strcmp(str, "warn"))
123 return FSCK_WARN;
124 else if (!strcmp(str, "ignore"))
125 return FSCK_IGNORE;
126 else
127 die("Unknown fsck message type: '%s'", str);
128 }
129
130 int is_valid_msg_type(const char *msg_id, const char *msg_type)
131 {
132 if (parse_msg_id(msg_id) < 0)
133 return 0;
134 parse_msg_type(msg_type);
135 return 1;
136 }
137
138 void fsck_set_msg_type_from_ids(struct fsck_options *options,
139 enum fsck_msg_id msg_id,
140 enum fsck_msg_type msg_type)
141 {
142 if (!options->msg_type) {
143 int i;
144 enum fsck_msg_type *severity;
145 ALLOC_ARRAY(severity, FSCK_MSG_MAX);
146 for (i = 0; i < FSCK_MSG_MAX; i++)
147 severity[i] = fsck_msg_type(i, options);
148 options->msg_type = severity;
149 }
150
151 options->msg_type[msg_id] = msg_type;
152 }
153
154 void fsck_set_msg_type(struct fsck_options *options,
155 const char *msg_id_str, const char *msg_type_str)
156 {
157 int msg_id = parse_msg_id(msg_id_str);
158 char *to_free = NULL;
159 enum fsck_msg_type msg_type;
160
161 if (msg_id < 0)
162 die("Unhandled message id: %s", msg_id_str);
163
164 if (msg_id == FSCK_MSG_LARGE_PATHNAME) {
165 const char *colon = strchr(msg_type_str, ':');
166 if (colon) {
167 msg_type_str = to_free =
168 xmemdupz(msg_type_str, colon - msg_type_str);
169 colon++;
170 if (!git_parse_ssize_t(colon, &max_tree_entry_len))
171 die("unable to parse max tree entry len: %s", colon);
172 }
173 }
174 msg_type = parse_msg_type(msg_type_str);
175
176 if (msg_type != FSCK_ERROR && msg_id_info[msg_id].msg_type == FSCK_FATAL)
177 die("Cannot demote %s to %s", msg_id_str, msg_type_str);
178
179 fsck_set_msg_type_from_ids(options, msg_id, msg_type);
180 free(to_free);
181 }
182
183 void fsck_set_msg_types(struct fsck_options *options, const char *values)
184 {
185 char *buf = xstrdup(values), *to_free = buf;
186 int done = 0;
187
188 while (!done) {
189 int len = strcspn(buf, " ,|"), equal;
190
191 done = !buf[len];
192 if (!len) {
193 buf++;
194 continue;
195 }
196 buf[len] = '\0';
197
198 for (equal = 0;
199 equal < len && buf[equal] != '=' && buf[equal] != ':';
200 equal++)
201 buf[equal] = tolower(buf[equal]);
202 buf[equal] = '\0';
203
204 if (!strcmp(buf, "skiplist")) {
205 if (equal == len)
206 die("skiplist requires a path");
207 oidset_parse_file(&options->skiplist, buf + equal + 1);
208 buf += len + 1;
209 continue;
210 }
211
212 if (equal == len)
213 die("Missing '=': '%s'", buf);
214
215 fsck_set_msg_type(options, buf, buf + equal + 1);
216 buf += len + 1;
217 }
218 free(to_free);
219 }
220
221 static int object_on_skiplist(struct fsck_options *opts,
222 const struct object_id *oid)
223 {
224 return opts && oid && oidset_contains(&opts->skiplist, oid);
225 }
226
227 __attribute__((format (printf, 5, 6)))
228 static int report(struct fsck_options *options,
229 const struct object_id *oid, enum object_type object_type,
230 enum fsck_msg_id msg_id, const char *fmt, ...)
231 {
232 va_list ap;
233 struct strbuf sb = STRBUF_INIT;
234 enum fsck_msg_type msg_type = fsck_msg_type(msg_id, options);
235 int result;
236
237 if (msg_type == FSCK_IGNORE)
238 return 0;
239
240 if (object_on_skiplist(options, oid))
241 return 0;
242
243 if (msg_type == FSCK_FATAL)
244 msg_type = FSCK_ERROR;
245 else if (msg_type == FSCK_INFO)
246 msg_type = FSCK_WARN;
247
248 prepare_msg_ids();
249 strbuf_addf(&sb, "%s: ", msg_id_info[msg_id].camelcased);
250
251 va_start(ap, fmt);
252 strbuf_vaddf(&sb, fmt, ap);
253 result = options->error_func(options, oid, object_type,
254 msg_type, msg_id, sb.buf);
255 strbuf_release(&sb);
256 va_end(ap);
257
258 return result;
259 }
260
261 void fsck_enable_object_names(struct fsck_options *options)
262 {
263 if (!options->object_names)
264 options->object_names = kh_init_oid_map();
265 }
266
267 const char *fsck_get_object_name(struct fsck_options *options,
268 const struct object_id *oid)
269 {
270 khiter_t pos;
271 if (!options->object_names)
272 return NULL;
273 pos = kh_get_oid_map(options->object_names, *oid);
274 if (pos >= kh_end(options->object_names))
275 return NULL;
276 return kh_value(options->object_names, pos);
277 }
278
279 void fsck_put_object_name(struct fsck_options *options,
280 const struct object_id *oid,
281 const char *fmt, ...)
282 {
283 va_list ap;
284 struct strbuf buf = STRBUF_INIT;
285 khiter_t pos;
286 int hashret;
287
288 if (!options->object_names)
289 return;
290
291 pos = kh_put_oid_map(options->object_names, *oid, &hashret);
292 if (!hashret)
293 return;
294 va_start(ap, fmt);
295 strbuf_vaddf(&buf, fmt, ap);
296 kh_value(options->object_names, pos) = strbuf_detach(&buf, NULL);
297 va_end(ap);
298 }
299
300 const char *fsck_describe_object(struct fsck_options *options,
301 const struct object_id *oid)
302 {
303 static struct strbuf bufs[] = {
304 STRBUF_INIT, STRBUF_INIT, STRBUF_INIT, STRBUF_INIT
305 };
306 static int b = 0;
307 struct strbuf *buf;
308 const char *name = fsck_get_object_name(options, oid);
309
310 buf = bufs + b;
311 b = (b + 1) % ARRAY_SIZE(bufs);
312 strbuf_reset(buf);
313 strbuf_addstr(buf, oid_to_hex(oid));
314 if (name)
315 strbuf_addf(buf, " (%s)", name);
316
317 return buf->buf;
318 }
319
320 static int fsck_walk_tree(struct tree *tree, void *data, struct fsck_options *options)
321 {
322 struct tree_desc desc;
323 struct name_entry entry;
324 int res = 0;
325 const char *name;
326
327 if (parse_tree(tree))
328 return -1;
329
330 name = fsck_get_object_name(options, &tree->object.oid);
331 if (init_tree_desc_gently(&desc, tree->buffer, tree->size, 0))
332 return -1;
333 while (tree_entry_gently(&desc, &entry)) {
334 struct object *obj;
335 int result;
336
337 if (S_ISGITLINK(entry.mode))
338 continue;
339
340 if (S_ISDIR(entry.mode)) {
341 obj = (struct object *)lookup_tree(the_repository, &entry.oid);
342 if (name && obj)
343 fsck_put_object_name(options, &entry.oid, "%s%s/",
344 name, entry.path);
345 result = options->walk(obj, OBJ_TREE, data, options);
346 }
347 else if (S_ISREG(entry.mode) || S_ISLNK(entry.mode)) {
348 obj = (struct object *)lookup_blob(the_repository, &entry.oid);
349 if (name && obj)
350 fsck_put_object_name(options, &entry.oid, "%s%s",
351 name, entry.path);
352 result = options->walk(obj, OBJ_BLOB, data, options);
353 }
354 else {
355 result = error("in tree %s: entry %s has bad mode %.6o",
356 fsck_describe_object(options, &tree->object.oid),
357 entry.path, entry.mode);
358 }
359 if (result < 0)
360 return result;
361 if (!res)
362 res = result;
363 }
364 return res;
365 }
366
367 static int fsck_walk_commit(struct commit *commit, void *data, struct fsck_options *options)
368 {
369 int counter = 0, generation = 0, name_prefix_len = 0;
370 struct commit_list *parents;
371 int res;
372 int result;
373 const char *name;
374
375 if (repo_parse_commit(the_repository, commit))
376 return -1;
377
378 name = fsck_get_object_name(options, &commit->object.oid);
379 if (name)
380 fsck_put_object_name(options, get_commit_tree_oid(commit),
381 "%s:", name);
382
383 result = options->walk((struct object *) repo_get_commit_tree(the_repository, commit),
384 OBJ_TREE, data, options);
385 if (result < 0)
386 return result;
387 res = result;
388
389 parents = commit->parents;
390 if (name && parents) {
391 int len = strlen(name), power;
392
393 if (len && name[len - 1] == '^') {
394 generation = 1;
395 name_prefix_len = len - 1;
396 }
397 else { /* parse ~<generation> suffix */
398 for (generation = 0, power = 1;
399 len && isdigit(name[len - 1]);
400 power *= 10)
401 generation += power * (name[--len] - '0');
402 if (power > 1 && len && name[len - 1] == '~')
403 name_prefix_len = len - 1;
404 else {
405 /* Maybe a non-first parent, e.g. HEAD^2 */
406 generation = 0;
407 name_prefix_len = len;
408 }
409 }
410 }
411
412 while (parents) {
413 if (name) {
414 struct object_id *oid = &parents->item->object.oid;
415
416 if (counter++)
417 fsck_put_object_name(options, oid, "%s^%d",
418 name, counter);
419 else if (generation > 0)
420 fsck_put_object_name(options, oid, "%.*s~%d",
421 name_prefix_len, name,
422 generation + 1);
423 else
424 fsck_put_object_name(options, oid, "%s^", name);
425 }
426 result = options->walk((struct object *)parents->item, OBJ_COMMIT, data, options);
427 if (result < 0)
428 return result;
429 if (!res)
430 res = result;
431 parents = parents->next;
432 }
433 return res;
434 }
435
436 static int fsck_walk_tag(struct tag *tag, void *data, struct fsck_options *options)
437 {
438 const char *name = fsck_get_object_name(options, &tag->object.oid);
439
440 if (parse_tag(tag))
441 return -1;
442 if (name)
443 fsck_put_object_name(options, &tag->tagged->oid, "%s", name);
444 return options->walk(tag->tagged, OBJ_ANY, data, options);
445 }
446
447 int fsck_walk(struct object *obj, void *data, struct fsck_options *options)
448 {
449 if (!obj)
450 return -1;
451
452 if (obj->type == OBJ_NONE)
453 parse_object(the_repository, &obj->oid);
454
455 switch (obj->type) {
456 case OBJ_BLOB:
457 return 0;
458 case OBJ_TREE:
459 return fsck_walk_tree((struct tree *)obj, data, options);
460 case OBJ_COMMIT:
461 return fsck_walk_commit((struct commit *)obj, data, options);
462 case OBJ_TAG:
463 return fsck_walk_tag((struct tag *)obj, data, options);
464 default:
465 error("Unknown object type for %s",
466 fsck_describe_object(options, &obj->oid));
467 return -1;
468 }
469 }
470
471 struct name_stack {
472 const char **names;
473 size_t nr, alloc;
474 };
475
476 static void name_stack_push(struct name_stack *stack, const char *name)
477 {
478 ALLOC_GROW(stack->names, stack->nr + 1, stack->alloc);
479 stack->names[stack->nr++] = name;
480 }
481
482 static const char *name_stack_pop(struct name_stack *stack)
483 {
484 return stack->nr ? stack->names[--stack->nr] : NULL;
485 }
486
487 static void name_stack_clear(struct name_stack *stack)
488 {
489 FREE_AND_NULL(stack->names);
490 stack->nr = stack->alloc = 0;
491 }
492
493 /*
494 * The entries in a tree are ordered in the _path_ order,
495 * which means that a directory entry is ordered by adding
496 * a slash to the end of it.
497 *
498 * So a directory called "a" is ordered _after_ a file
499 * called "a.c", because "a/" sorts after "a.c".
500 */
501 #define TREE_UNORDERED (-1)
502 #define TREE_HAS_DUPS (-2)
503
504 static int is_less_than_slash(unsigned char c)
505 {
506 return '\0' < c && c < '/';
507 }
508
509 static int verify_ordered(unsigned mode1, const char *name1,
510 unsigned mode2, const char *name2,
511 struct name_stack *candidates)
512 {
513 int len1 = strlen(name1);
514 int len2 = strlen(name2);
515 int len = len1 < len2 ? len1 : len2;
516 unsigned char c1, c2;
517 int cmp;
518
519 cmp = memcmp(name1, name2, len);
520 if (cmp < 0)
521 return 0;
522 if (cmp > 0)
523 return TREE_UNORDERED;
524
525 /*
526 * Ok, the first <len> characters are the same.
527 * Now we need to order the next one, but turn
528 * a '\0' into a '/' for a directory entry.
529 */
530 c1 = name1[len];
531 c2 = name2[len];
532 if (!c1 && !c2)
533 /*
534 * git-write-tree used to write out a nonsense tree that has
535 * entries with the same name, one blob and one tree. Make
536 * sure we do not have duplicate entries.
537 */
538 return TREE_HAS_DUPS;
539 if (!c1 && S_ISDIR(mode1))
540 c1 = '/';
541 if (!c2 && S_ISDIR(mode2))
542 c2 = '/';
543
544 /*
545 * There can be non-consecutive duplicates due to the implicitly
546 * added slash, e.g.:
547 *
548 * foo
549 * foo.bar
550 * foo.bar.baz
551 * foo.bar/
552 * foo/
553 *
554 * Record non-directory candidates (like "foo" and "foo.bar" in
555 * the example) on a stack and check directory candidates (like
556 * foo/" and "foo.bar/") against that stack.
557 */
558 if (!c1 && is_less_than_slash(c2)) {
559 name_stack_push(candidates, name1);
560 } else if (c2 == '/' && is_less_than_slash(c1)) {
561 for (;;) {
562 const char *p;
563 const char *f_name = name_stack_pop(candidates);
564
565 if (!f_name)
566 break;
567 if (!skip_prefix(name2, f_name, &p))
568 continue;
569 if (!*p)
570 return TREE_HAS_DUPS;
571 if (is_less_than_slash(*p)) {
572 name_stack_push(candidates, f_name);
573 break;
574 }
575 }
576 }
577
578 return c1 < c2 ? 0 : TREE_UNORDERED;
579 }
580
581 static int fsck_tree(const struct object_id *tree_oid,
582 const char *buffer, unsigned long size,
583 struct fsck_options *options)
584 {
585 int retval = 0;
586 int has_null_sha1 = 0;
587 int has_full_path = 0;
588 int has_empty_name = 0;
589 int has_dot = 0;
590 int has_dotdot = 0;
591 int has_dotgit = 0;
592 int has_zero_pad = 0;
593 int has_bad_modes = 0;
594 int has_dup_entries = 0;
595 int not_properly_sorted = 0;
596 int has_large_name = 0;
597 struct tree_desc desc;
598 unsigned o_mode;
599 const char *o_name;
600 struct name_stack df_dup_candidates = { NULL };
601
602 if (init_tree_desc_gently(&desc, buffer, size, TREE_DESC_RAW_MODES)) {
603 retval += report(options, tree_oid, OBJ_TREE,
604 FSCK_MSG_BAD_TREE,
605 "cannot be parsed as a tree");
606 return retval;
607 }
608
609 o_mode = 0;
610 o_name = NULL;
611
612 while (desc.size) {
613 unsigned short mode;
614 const char *name, *backslash;
615 const struct object_id *entry_oid;
616
617 entry_oid = tree_entry_extract(&desc, &name, &mode);
618
619 has_null_sha1 |= is_null_oid(entry_oid);
620 has_full_path |= !!strchr(name, '/');
621 has_empty_name |= !*name;
622 has_dot |= !strcmp(name, ".");
623 has_dotdot |= !strcmp(name, "..");
624 has_dotgit |= is_hfs_dotgit(name) || is_ntfs_dotgit(name);
625 has_zero_pad |= *(char *)desc.buffer == '0';
626 has_large_name |= tree_entry_len(&desc.entry) > max_tree_entry_len;
627
628 if (is_hfs_dotgitmodules(name) || is_ntfs_dotgitmodules(name)) {
629 if (!S_ISLNK(mode))
630 oidset_insert(&options->gitmodules_found,
631 entry_oid);
632 else
633 retval += report(options,
634 tree_oid, OBJ_TREE,
635 FSCK_MSG_GITMODULES_SYMLINK,
636 ".gitmodules is a symbolic link");
637 }
638
639 if (is_hfs_dotgitattributes(name) || is_ntfs_dotgitattributes(name)) {
640 if (!S_ISLNK(mode))
641 oidset_insert(&options->gitattributes_found,
642 entry_oid);
643 else
644 retval += report(options, tree_oid, OBJ_TREE,
645 FSCK_MSG_GITATTRIBUTES_SYMLINK,
646 ".gitattributes is a symlink");
647 }
648
649 if (S_ISLNK(mode)) {
650 if (is_hfs_dotgitignore(name) ||
651 is_ntfs_dotgitignore(name))
652 retval += report(options, tree_oid, OBJ_TREE,
653 FSCK_MSG_GITIGNORE_SYMLINK,
654 ".gitignore is a symlink");
655 if (is_hfs_dotmailmap(name) ||
656 is_ntfs_dotmailmap(name))
657 retval += report(options, tree_oid, OBJ_TREE,
658 FSCK_MSG_MAILMAP_SYMLINK,
659 ".mailmap is a symlink");
660 }
661
662 if ((backslash = strchr(name, '\\'))) {
663 while (backslash) {
664 backslash++;
665 has_dotgit |= is_ntfs_dotgit(backslash);
666 if (is_ntfs_dotgitmodules(backslash)) {
667 if (!S_ISLNK(mode))
668 oidset_insert(&options->gitmodules_found,
669 entry_oid);
670 else
671 retval += report(options, tree_oid, OBJ_TREE,
672 FSCK_MSG_GITMODULES_SYMLINK,
673 ".gitmodules is a symbolic link");
674 }
675 backslash = strchr(backslash, '\\');
676 }
677 }
678
679 if (update_tree_entry_gently(&desc)) {
680 retval += report(options, tree_oid, OBJ_TREE,
681 FSCK_MSG_BAD_TREE,
682 "cannot be parsed as a tree");
683 break;
684 }
685
686 switch (mode) {
687 /*
688 * Standard modes..
689 */
690 case S_IFREG | 0755:
691 case S_IFREG | 0644:
692 case S_IFLNK:
693 case S_IFDIR:
694 case S_IFGITLINK:
695 break;
696 /*
697 * This is nonstandard, but we had a few of these
698 * early on when we honored the full set of mode
699 * bits..
700 */
701 case S_IFREG | 0664:
702 if (!options->strict)
703 break;
704 /* fallthrough */
705 default:
706 has_bad_modes = 1;
707 }
708
709 if (o_name) {
710 switch (verify_ordered(o_mode, o_name, mode, name,
711 &df_dup_candidates)) {
712 case TREE_UNORDERED:
713 not_properly_sorted = 1;
714 break;
715 case TREE_HAS_DUPS:
716 has_dup_entries = 1;
717 break;
718 default:
719 break;
720 }
721 }
722
723 o_mode = mode;
724 o_name = name;
725 }
726
727 name_stack_clear(&df_dup_candidates);
728
729 if (has_null_sha1)
730 retval += report(options, tree_oid, OBJ_TREE,
731 FSCK_MSG_NULL_SHA1,
732 "contains entries pointing to null sha1");
733 if (has_full_path)
734 retval += report(options, tree_oid, OBJ_TREE,
735 FSCK_MSG_FULL_PATHNAME,
736 "contains full pathnames");
737 if (has_empty_name)
738 retval += report(options, tree_oid, OBJ_TREE,
739 FSCK_MSG_EMPTY_NAME,
740 "contains empty pathname");
741 if (has_dot)
742 retval += report(options, tree_oid, OBJ_TREE,
743 FSCK_MSG_HAS_DOT,
744 "contains '.'");
745 if (has_dotdot)
746 retval += report(options, tree_oid, OBJ_TREE,
747 FSCK_MSG_HAS_DOTDOT,
748 "contains '..'");
749 if (has_dotgit)
750 retval += report(options, tree_oid, OBJ_TREE,
751 FSCK_MSG_HAS_DOTGIT,
752 "contains '.git'");
753 if (has_zero_pad)
754 retval += report(options, tree_oid, OBJ_TREE,
755 FSCK_MSG_ZERO_PADDED_FILEMODE,
756 "contains zero-padded file modes");
757 if (has_bad_modes)
758 retval += report(options, tree_oid, OBJ_TREE,
759 FSCK_MSG_BAD_FILEMODE,
760 "contains bad file modes");
761 if (has_dup_entries)
762 retval += report(options, tree_oid, OBJ_TREE,
763 FSCK_MSG_DUPLICATE_ENTRIES,
764 "contains duplicate file entries");
765 if (not_properly_sorted)
766 retval += report(options, tree_oid, OBJ_TREE,
767 FSCK_MSG_TREE_NOT_SORTED,
768 "not properly sorted");
769 if (has_large_name)
770 retval += report(options, tree_oid, OBJ_TREE,
771 FSCK_MSG_LARGE_PATHNAME,
772 "contains excessively large pathname");
773 return retval;
774 }
775
776 /*
777 * Confirm that the headers of a commit or tag object end in a reasonable way,
778 * either with the usual "\n\n" separator, or at least with a trailing newline
779 * on the final header line.
780 *
781 * This property is important for the memory safety of our callers. It allows
782 * them to scan the buffer linewise without constantly checking the remaining
783 * size as long as:
784 *
785 * - they check that there are bytes left in the buffer at the start of any
786 * line (i.e., that the last newline they saw was not the final one we
787 * found here)
788 *
789 * - any intra-line scanning they do will stop at a newline, which will worst
790 * case hit the newline we found here as the end-of-header. This makes it
791 * OK for them to use helpers like parse_oid_hex(), or even skip_prefix().
792 */
793 static int verify_headers(const void *data, unsigned long size,
794 const struct object_id *oid, enum object_type type,
795 struct fsck_options *options)
796 {
797 const char *buffer = (const char *)data;
798 unsigned long i;
799
800 for (i = 0; i < size; i++) {
801 switch (buffer[i]) {
802 case '\0':
803 return report(options, oid, type,
804 FSCK_MSG_NUL_IN_HEADER,
805 "unterminated header: NUL at offset %ld", i);
806 case '\n':
807 if (i + 1 < size && buffer[i + 1] == '\n')
808 return 0;
809 }
810 }
811
812 /*
813 * We did not find double-LF that separates the header
814 * and the body. Not having a body is not a crime but
815 * we do want to see the terminating LF for the last header
816 * line.
817 */
818 if (size && buffer[size - 1] == '\n')
819 return 0;
820
821 return report(options, oid, type,
822 FSCK_MSG_UNTERMINATED_HEADER, "unterminated header");
823 }
824
825 static int fsck_ident(const char **ident,
826 const struct object_id *oid, enum object_type type,
827 struct fsck_options *options)
828 {
829 const char *p = *ident;
830 char *end;
831
832 *ident = strchrnul(*ident, '\n');
833 if (**ident == '\n')
834 (*ident)++;
835
836 if (*p == '<')
837 return report(options, oid, type, FSCK_MSG_MISSING_NAME_BEFORE_EMAIL, "invalid author/committer line - missing space before email");
838 p += strcspn(p, "<>\n");
839 if (*p == '>')
840 return report(options, oid, type, FSCK_MSG_BAD_NAME, "invalid author/committer line - bad name");
841 if (*p != '<')
842 return report(options, oid, type, FSCK_MSG_MISSING_EMAIL, "invalid author/committer line - missing email");
843 if (p[-1] != ' ')
844 return report(options, oid, type, FSCK_MSG_MISSING_SPACE_BEFORE_EMAIL, "invalid author/committer line - missing space before email");
845 p++;
846 p += strcspn(p, "<>\n");
847 if (*p != '>')
848 return report(options, oid, type, FSCK_MSG_BAD_EMAIL, "invalid author/committer line - bad email");
849 p++;
850 if (*p != ' ')
851 return report(options, oid, type, FSCK_MSG_MISSING_SPACE_BEFORE_DATE, "invalid author/committer line - missing space before date");
852 p++;
853 /*
854 * Our timestamp parser is based on the C strto*() functions, which
855 * will happily eat whitespace, including the newline that is supposed
856 * to prevent us walking past the end of the buffer. So do our own
857 * scan, skipping linear whitespace but not newlines, and then
858 * confirming we found a digit. We _could_ be even more strict here,
859 * as we really expect only a single space, but since we have
860 * traditionally allowed extra whitespace, we'll continue to do so.
861 */
862 while (*p == ' ' || *p == '\t')
863 p++;
864 if (!isdigit(*p))
865 return report(options, oid, type, FSCK_MSG_BAD_DATE,
866 "invalid author/committer line - bad date");
867 if (*p == '0' && p[1] != ' ')
868 return report(options, oid, type, FSCK_MSG_ZERO_PADDED_DATE, "invalid author/committer line - zero-padded date");
869 if (date_overflows(parse_timestamp(p, &end, 10)))
870 return report(options, oid, type, FSCK_MSG_BAD_DATE_OVERFLOW, "invalid author/committer line - date causes integer overflow");
871 if ((end == p || *end != ' '))
872 return report(options, oid, type, FSCK_MSG_BAD_DATE, "invalid author/committer line - bad date");
873 p = end + 1;
874 if ((*p != '+' && *p != '-') ||
875 !isdigit(p[1]) ||
876 !isdigit(p[2]) ||
877 !isdigit(p[3]) ||
878 !isdigit(p[4]) ||
879 (p[5] != '\n'))
880 return report(options, oid, type, FSCK_MSG_BAD_TIMEZONE, "invalid author/committer line - bad time zone");
881 p += 6;
882 return 0;
883 }
884
885 static int fsck_commit(const struct object_id *oid,
886 const char *buffer, unsigned long size,
887 struct fsck_options *options)
888 {
889 struct object_id tree_oid, parent_oid;
890 unsigned author_count;
891 int err;
892 const char *buffer_begin = buffer;
893 const char *buffer_end = buffer + size;
894 const char *p;
895
896 /*
897 * We _must_ stop parsing immediately if this reports failure, as the
898 * memory safety of the rest of the function depends on it. See the
899 * comment above the definition of verify_headers() for more details.
900 */
901 if (verify_headers(buffer, size, oid, OBJ_COMMIT, options))
902 return -1;
903
904 if (buffer >= buffer_end || !skip_prefix(buffer, "tree ", &buffer))
905 return report(options, oid, OBJ_COMMIT, FSCK_MSG_MISSING_TREE, "invalid format - expected 'tree' line");
906 if (parse_oid_hex(buffer, &tree_oid, &p) || *p != '\n') {
907 err = report(options, oid, OBJ_COMMIT, FSCK_MSG_BAD_TREE_SHA1, "invalid 'tree' line format - bad sha1");
908 if (err)
909 return err;
910 }
911 buffer = p + 1;
912 while (buffer < buffer_end && skip_prefix(buffer, "parent ", &buffer)) {
913 if (parse_oid_hex(buffer, &parent_oid, &p) || *p != '\n') {
914 err = report(options, oid, OBJ_COMMIT, FSCK_MSG_BAD_PARENT_SHA1, "invalid 'parent' line format - bad sha1");
915 if (err)
916 return err;
917 }
918 buffer = p + 1;
919 }
920 author_count = 0;
921 while (buffer < buffer_end && skip_prefix(buffer, "author ", &buffer)) {
922 author_count++;
923 err = fsck_ident(&buffer, oid, OBJ_COMMIT, options);
924 if (err)
925 return err;
926 }
927 if (author_count < 1)
928 err = report(options, oid, OBJ_COMMIT, FSCK_MSG_MISSING_AUTHOR, "invalid format - expected 'author' line");
929 else if (author_count > 1)
930 err = report(options, oid, OBJ_COMMIT, FSCK_MSG_MULTIPLE_AUTHORS, "invalid format - multiple 'author' lines");
931 if (err)
932 return err;
933 if (buffer >= buffer_end || !skip_prefix(buffer, "committer ", &buffer))
934 return report(options, oid, OBJ_COMMIT, FSCK_MSG_MISSING_COMMITTER, "invalid format - expected 'committer' line");
935 err = fsck_ident(&buffer, oid, OBJ_COMMIT, options);
936 if (err)
937 return err;
938 if (memchr(buffer_begin, '\0', size)) {
939 err = report(options, oid, OBJ_COMMIT, FSCK_MSG_NUL_IN_COMMIT,
940 "NUL byte in the commit object body");
941 if (err)
942 return err;
943 }
944 return 0;
945 }
946
947 static int fsck_tag(const struct object_id *oid, const char *buffer,
948 unsigned long size, struct fsck_options *options)
949 {
950 struct object_id tagged_oid;
951 int tagged_type;
952 return fsck_tag_standalone(oid, buffer, size, options, &tagged_oid,
953 &tagged_type);
954 }
955
956 int fsck_tag_standalone(const struct object_id *oid, const char *buffer,
957 unsigned long size, struct fsck_options *options,
958 struct object_id *tagged_oid,
959 int *tagged_type)
960 {
961 int ret = 0;
962 char *eol;
963 struct strbuf sb = STRBUF_INIT;
964 const char *buffer_end = buffer + size;
965 const char *p;
966
967 /*
968 * We _must_ stop parsing immediately if this reports failure, as the
969 * memory safety of the rest of the function depends on it. See the
970 * comment above the definition of verify_headers() for more details.
971 */
972 ret = verify_headers(buffer, size, oid, OBJ_TAG, options);
973 if (ret)
974 goto done;
975
976 if (buffer >= buffer_end || !skip_prefix(buffer, "object ", &buffer)) {
977 ret = report(options, oid, OBJ_TAG, FSCK_MSG_MISSING_OBJECT, "invalid format - expected 'object' line");
978 goto done;
979 }
980 if (parse_oid_hex(buffer, tagged_oid, &p) || *p != '\n') {
981 ret = report(options, oid, OBJ_TAG, FSCK_MSG_BAD_OBJECT_SHA1, "invalid 'object' line format - bad sha1");
982 if (ret)
983 goto done;
984 }
985 buffer = p + 1;
986
987 if (buffer >= buffer_end || !skip_prefix(buffer, "type ", &buffer)) {
988 ret = report(options, oid, OBJ_TAG, FSCK_MSG_MISSING_TYPE_ENTRY, "invalid format - expected 'type' line");
989 goto done;
990 }
991 eol = memchr(buffer, '\n', buffer_end - buffer);
992 if (!eol) {
993 ret = report(options, oid, OBJ_TAG, FSCK_MSG_MISSING_TYPE, "invalid format - unexpected end after 'type' line");
994 goto done;
995 }
996 *tagged_type = type_from_string_gently(buffer, eol - buffer, 1);
997 if (*tagged_type < 0)
998 ret = report(options, oid, OBJ_TAG, FSCK_MSG_BAD_TYPE, "invalid 'type' value");
999 if (ret)
1000 goto done;
1001 buffer = eol + 1;
1002
1003 if (buffer >= buffer_end || !skip_prefix(buffer, "tag ", &buffer)) {
1004 ret = report(options, oid, OBJ_TAG, FSCK_MSG_MISSING_TAG_ENTRY, "invalid format - expected 'tag' line");
1005 goto done;
1006 }
1007 eol = memchr(buffer, '\n', buffer_end - buffer);
1008 if (!eol) {
1009 ret = report(options, oid, OBJ_TAG, FSCK_MSG_MISSING_TAG, "invalid format - unexpected end after 'type' line");
1010 goto done;
1011 }
1012 strbuf_addf(&sb, "refs/tags/%.*s", (int)(eol - buffer), buffer);
1013 if (check_refname_format(sb.buf, 0)) {
1014 ret = report(options, oid, OBJ_TAG,
1015 FSCK_MSG_BAD_TAG_NAME,
1016 "invalid 'tag' name: %.*s",
1017 (int)(eol - buffer), buffer);
1018 if (ret)
1019 goto done;
1020 }
1021 buffer = eol + 1;
1022
1023 if (buffer >= buffer_end || !skip_prefix(buffer, "tagger ", &buffer)) {
1024 /* early tags do not contain 'tagger' lines; warn only */
1025 ret = report(options, oid, OBJ_TAG, FSCK_MSG_MISSING_TAGGER_ENTRY, "invalid format - expected 'tagger' line");
1026 if (ret)
1027 goto done;
1028 }
1029 else
1030 ret = fsck_ident(&buffer, oid, OBJ_TAG, options);
1031
1032 if (buffer < buffer_end && !starts_with(buffer, "\n")) {
1033 /*
1034 * The verify_headers() check will allow
1035 * e.g. "[...]tagger <tagger>\nsome
1036 * garbage\n\nmessage" to pass, thinking "some
1037 * garbage" could be a custom header. E.g. "mktag"
1038 * doesn't want any unknown headers.
1039 */
1040 ret = report(options, oid, OBJ_TAG, FSCK_MSG_EXTRA_HEADER_ENTRY, "invalid format - extra header(s) after 'tagger'");
1041 if (ret)
1042 goto done;
1043 }
1044
1045 done:
1046 strbuf_release(&sb);
1047 return ret;
1048 }
1049
1050 static int starts_with_dot_slash(const char *const path)
1051 {
1052 return path_match_flags(path, PATH_MATCH_STARTS_WITH_DOT_SLASH |
1053 PATH_MATCH_XPLATFORM);
1054 }
1055
1056 static int starts_with_dot_dot_slash(const char *const path)
1057 {
1058 return path_match_flags(path, PATH_MATCH_STARTS_WITH_DOT_DOT_SLASH |
1059 PATH_MATCH_XPLATFORM);
1060 }
1061
1062 static int submodule_url_is_relative(const char *url)
1063 {
1064 return starts_with_dot_slash(url) || starts_with_dot_dot_slash(url);
1065 }
1066
1067 /*
1068 * Count directory components that a relative submodule URL should chop
1069 * from the remote_url it is to be resolved against.
1070 *
1071 * In other words, this counts "../" components at the start of a
1072 * submodule URL.
1073 *
1074 * Returns the number of directory components to chop and writes a
1075 * pointer to the next character of url after all leading "./" and
1076 * "../" components to out.
1077 */
1078 static int count_leading_dotdots(const char *url, const char **out)
1079 {
1080 int result = 0;
1081 while (1) {
1082 if (starts_with_dot_dot_slash(url)) {
1083 result++;
1084 url += strlen("../");
1085 continue;
1086 }
1087 if (starts_with_dot_slash(url)) {
1088 url += strlen("./");
1089 continue;
1090 }
1091 *out = url;
1092 return result;
1093 }
1094 }
1095 /*
1096 * Check whether a transport is implemented by git-remote-curl.
1097 *
1098 * If it is, returns 1 and writes the URL that would be passed to
1099 * git-remote-curl to the "out" parameter.
1100 *
1101 * Otherwise, returns 0 and leaves "out" untouched.
1102 *
1103 * Examples:
1104 * http::https://example.com/repo.git -> 1, https://example.com/repo.git
1105 * https://example.com/repo.git -> 1, https://example.com/repo.git
1106 * git://example.com/repo.git -> 0
1107 *
1108 * This is for use in checking for previously exploitable bugs that
1109 * required a submodule URL to be passed to git-remote-curl.
1110 */
1111 static int url_to_curl_url(const char *url, const char **out)
1112 {
1113 /*
1114 * We don't need to check for case-aliases, "http.exe", and so
1115 * on because in the default configuration, is_transport_allowed
1116 * prevents URLs with those schemes from being cloned
1117 * automatically.
1118 */
1119 if (skip_prefix(url, "http::", out) ||
1120 skip_prefix(url, "https::", out) ||
1121 skip_prefix(url, "ftp::", out) ||
1122 skip_prefix(url, "ftps::", out))
1123 return 1;
1124 if (starts_with(url, "http://") ||
1125 starts_with(url, "https://") ||
1126 starts_with(url, "ftp://") ||
1127 starts_with(url, "ftps://")) {
1128 *out = url;
1129 return 1;
1130 }
1131 return 0;
1132 }
1133
1134 static int check_submodule_url(const char *url)
1135 {
1136 const char *curl_url;
1137
1138 if (looks_like_command_line_option(url))
1139 return -1;
1140
1141 if (submodule_url_is_relative(url) || starts_with(url, "git://")) {
1142 char *decoded;
1143 const char *next;
1144 int has_nl;
1145
1146 /*
1147 * This could be appended to an http URL and url-decoded;
1148 * check for malicious characters.
1149 */
1150 decoded = url_decode(url);
1151 has_nl = !!strchr(decoded, '\n');
1152
1153 free(decoded);
1154 if (has_nl)
1155 return -1;
1156
1157 /*
1158 * URLs which escape their root via "../" can overwrite
1159 * the host field and previous components, resolving to
1160 * URLs like https::example.com/submodule.git and
1161 * https:///example.com/submodule.git that were
1162 * susceptible to CVE-2020-11008.
1163 */
1164 if (count_leading_dotdots(url, &next) > 0 &&
1165 (*next == ':' || *next == '/'))
1166 return -1;
1167 }
1168
1169 else if (url_to_curl_url(url, &curl_url)) {
1170 struct credential c = CREDENTIAL_INIT;
1171 int ret = 0;
1172 if (credential_from_url_gently(&c, curl_url, 1) ||
1173 !*c.host)
1174 ret = -1;
1175 credential_clear(&c);
1176 return ret;
1177 }
1178
1179 return 0;
1180 }
1181
1182 struct fsck_gitmodules_data {
1183 const struct object_id *oid;
1184 struct fsck_options *options;
1185 int ret;
1186 };
1187
1188 static int fsck_gitmodules_fn(const char *var, const char *value,
1189 const struct config_context *ctx UNUSED,
1190 void *vdata)
1191 {
1192 struct fsck_gitmodules_data *data = vdata;
1193 const char *subsection, *key;
1194 size_t subsection_len;
1195 char *name;
1196
1197 if (parse_config_key(var, "submodule", &subsection, &subsection_len, &key) < 0 ||
1198 !subsection)
1199 return 0;
1200
1201 name = xmemdupz(subsection, subsection_len);
1202 if (check_submodule_name(name) < 0)
1203 data->ret |= report(data->options,
1204 data->oid, OBJ_BLOB,
1205 FSCK_MSG_GITMODULES_NAME,
1206 "disallowed submodule name: %s",
1207 name);
1208 if (!strcmp(key, "url") && value &&
1209 check_submodule_url(value) < 0)
1210 data->ret |= report(data->options,
1211 data->oid, OBJ_BLOB,
1212 FSCK_MSG_GITMODULES_URL,
1213 "disallowed submodule url: %s",
1214 value);
1215 if (!strcmp(key, "path") && value &&
1216 looks_like_command_line_option(value))
1217 data->ret |= report(data->options,
1218 data->oid, OBJ_BLOB,
1219 FSCK_MSG_GITMODULES_PATH,
1220 "disallowed submodule path: %s",
1221 value);
1222 if (!strcmp(key, "update") && value &&
1223 parse_submodule_update_type(value) == SM_UPDATE_COMMAND)
1224 data->ret |= report(data->options, data->oid, OBJ_BLOB,
1225 FSCK_MSG_GITMODULES_UPDATE,
1226 "disallowed submodule update setting: %s",
1227 value);
1228 free(name);
1229
1230 return 0;
1231 }
1232
1233 static int fsck_blob(const struct object_id *oid, const char *buf,
1234 unsigned long size, struct fsck_options *options)
1235 {
1236 int ret = 0;
1237
1238 if (object_on_skiplist(options, oid))
1239 return 0;
1240
1241 if (oidset_contains(&options->gitmodules_found, oid)) {
1242 struct config_options config_opts = { 0 };
1243 struct fsck_gitmodules_data data;
1244
1245 oidset_insert(&options->gitmodules_done, oid);
1246
1247 if (!buf) {
1248 /*
1249 * A missing buffer here is a sign that the caller found the
1250 * blob too gigantic to load into memory. Let's just consider
1251 * that an error.
1252 */
1253 return report(options, oid, OBJ_BLOB,
1254 FSCK_MSG_GITMODULES_LARGE,
1255 ".gitmodules too large to parse");
1256 }
1257
1258 data.oid = oid;
1259 data.options = options;
1260 data.ret = 0;
1261 config_opts.error_action = CONFIG_ERROR_SILENT;
1262 if (git_config_from_mem(fsck_gitmodules_fn, CONFIG_ORIGIN_BLOB,
1263 ".gitmodules", buf, size, &data,
1264 CONFIG_SCOPE_UNKNOWN, &config_opts))
1265 data.ret |= report(options, oid, OBJ_BLOB,
1266 FSCK_MSG_GITMODULES_PARSE,
1267 "could not parse gitmodules blob");
1268 ret |= data.ret;
1269 }
1270
1271 if (oidset_contains(&options->gitattributes_found, oid)) {
1272 const char *ptr;
1273
1274 oidset_insert(&options->gitattributes_done, oid);
1275
1276 if (!buf || size > ATTR_MAX_FILE_SIZE) {
1277 /*
1278 * A missing buffer here is a sign that the caller found the
1279 * blob too gigantic to load into memory. Let's just consider
1280 * that an error.
1281 */
1282 return report(options, oid, OBJ_BLOB,
1283 FSCK_MSG_GITATTRIBUTES_LARGE,
1284 ".gitattributes too large to parse");
1285 }
1286
1287 for (ptr = buf; *ptr; ) {
1288 const char *eol = strchrnul(ptr, '\n');
1289 if (eol - ptr >= ATTR_MAX_LINE_LENGTH) {
1290 ret |= report(options, oid, OBJ_BLOB,
1291 FSCK_MSG_GITATTRIBUTES_LINE_LENGTH,
1292 ".gitattributes has too long lines to parse");
1293 break;
1294 }
1295
1296 ptr = *eol ? eol + 1 : eol;
1297 }
1298 }
1299
1300 return ret;
1301 }
1302
1303 int fsck_object(struct object *obj, void *data, unsigned long size,
1304 struct fsck_options *options)
1305 {
1306 if (!obj)
1307 return report(options, NULL, OBJ_NONE, FSCK_MSG_BAD_OBJECT_SHA1, "no valid object to fsck");
1308
1309 return fsck_buffer(&obj->oid, obj->type, data, size, options);
1310 }
1311
1312 int fsck_buffer(const struct object_id *oid, enum object_type type,
1313 void *data, unsigned long size,
1314 struct fsck_options *options)
1315 {
1316 if (type == OBJ_BLOB)
1317 return fsck_blob(oid, data, size, options);
1318 if (type == OBJ_TREE)
1319 return fsck_tree(oid, data, size, options);
1320 if (type == OBJ_COMMIT)
1321 return fsck_commit(oid, data, size, options);
1322 if (type == OBJ_TAG)
1323 return fsck_tag(oid, data, size, options);
1324
1325 return report(options, oid, type,
1326 FSCK_MSG_UNKNOWN_TYPE,
1327 "unknown type '%d' (internal fsck error)",
1328 type);
1329 }
1330
1331 int fsck_error_function(struct fsck_options *o,
1332 const struct object_id *oid,
1333 enum object_type object_type UNUSED,
1334 enum fsck_msg_type msg_type,
1335 enum fsck_msg_id msg_id UNUSED,
1336 const char *message)
1337 {
1338 if (msg_type == FSCK_WARN) {
1339 warning("object %s: %s", fsck_describe_object(o, oid), message);
1340 return 0;
1341 }
1342 error("object %s: %s", fsck_describe_object(o, oid), message);
1343 return 1;
1344 }
1345
1346 static int fsck_blobs(struct oidset *blobs_found, struct oidset *blobs_done,
1347 enum fsck_msg_id msg_missing, enum fsck_msg_id msg_type,
1348 struct fsck_options *options, const char *blob_type)
1349 {
1350 int ret = 0;
1351 struct oidset_iter iter;
1352 const struct object_id *oid;
1353
1354 oidset_iter_init(blobs_found, &iter);
1355 while ((oid = oidset_iter_next(&iter))) {
1356 enum object_type type;
1357 unsigned long size;
1358 char *buf;
1359
1360 if (oidset_contains(blobs_done, oid))
1361 continue;
1362
1363 buf = repo_read_object_file(the_repository, oid, &type, &size);
1364 if (!buf) {
1365 if (is_promisor_object(oid))
1366 continue;
1367 ret |= report(options,
1368 oid, OBJ_BLOB, msg_missing,
1369 "unable to read %s blob", blob_type);
1370 continue;
1371 }
1372
1373 if (type == OBJ_BLOB)
1374 ret |= fsck_blob(oid, buf, size, options);
1375 else
1376 ret |= report(options, oid, type, msg_type,
1377 "non-blob found at %s", blob_type);
1378 free(buf);
1379 }
1380
1381 oidset_clear(blobs_found);
1382 oidset_clear(blobs_done);
1383
1384 return ret;
1385 }
1386
1387 int fsck_finish(struct fsck_options *options)
1388 {
1389 int ret = 0;
1390
1391 ret |= fsck_blobs(&options->gitmodules_found, &options->gitmodules_done,
1392 FSCK_MSG_GITMODULES_MISSING, FSCK_MSG_GITMODULES_BLOB,
1393 options, ".gitmodules");
1394 ret |= fsck_blobs(&options->gitattributes_found, &options->gitattributes_done,
1395 FSCK_MSG_GITATTRIBUTES_MISSING, FSCK_MSG_GITATTRIBUTES_BLOB,
1396 options, ".gitattributes");
1397
1398 return ret;
1399 }
1400
1401 int git_fsck_config(const char *var, const char *value,
1402 const struct config_context *ctx, void *cb)
1403 {
1404 struct fsck_options *options = cb;
1405 const char *msg_id;
1406
1407 if (strcmp(var, "fsck.skiplist") == 0) {
1408 const char *path;
1409 struct strbuf sb = STRBUF_INIT;
1410
1411 if (git_config_pathname(&path, var, value))
1412 return 1;
1413 strbuf_addf(&sb, "skiplist=%s", path);
1414 free((char *)path);
1415 fsck_set_msg_types(options, sb.buf);
1416 strbuf_release(&sb);
1417 return 0;
1418 }
1419
1420 if (skip_prefix(var, "fsck.", &msg_id)) {
1421 if (!value)
1422 return config_error_nonbool(var);
1423 fsck_set_msg_type(options, msg_id, value);
1424 return 0;
1425 }
1426
1427 return git_default_config(var, value, ctx, cb);
1428 }
1429
1430 /*
1431 * Custom error callbacks that are used in more than one place.
1432 */
1433
1434 int fsck_error_cb_print_missing_gitmodules(struct fsck_options *o,
1435 const struct object_id *oid,
1436 enum object_type object_type,
1437 enum fsck_msg_type msg_type,
1438 enum fsck_msg_id msg_id,
1439 const char *message)
1440 {
1441 if (msg_id == FSCK_MSG_GITMODULES_MISSING) {
1442 puts(oid_to_hex(oid));
1443 return 0;
1444 }
1445 return fsck_error_function(o, oid, object_type, msg_type, msg_id, message);
1446 }
Mirror of Junio's Git repository with all the branches