From dc851d9eae21db8671118d798e55990e199af6af Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Mon, 13 Feb 2017 13:42:16 +0100 Subject: [PATCH] commit: clear user-provided buffers The functions `git_commit_header_field` and `git_commit_extract_signature` both receive buffers used to hand back the results to the user. While these functions called `git_buf_sanitize` on these buffers, this is not the right thing to do, as it will simply initialize or zero-terminate passed buffers. As we want to overwrite contents, we instead have to call `git_buf_clear` to completely reset them. --- include/git2/commit.h | 9 ++++++--- src/commit.c | 6 +++--- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/include/git2/commit.h b/include/git2/commit.h index 4cc637466..692b3bdd9 100644 --- a/include/git2/commit.h +++ b/include/git2/commit.h @@ -255,7 +255,8 @@ GIT_EXTERN(int) git_commit_nth_gen_ancestor( /** * Get an arbitrary header field * - * @param out the buffer to fill + * @param out the buffer to fill; existing content will be + * overwritten * @param commit the commit to look in * @param field the header field to return * @return 0 on succeess, GIT_ENOTFOUND if the field does not exist, @@ -270,8 +271,10 @@ GIT_EXTERN(int) git_commit_header_field(git_buf *out, const git_commit *commit, * `GITERR_INVALID`. If the commit does not have a signature, the * error class will be `GITERR_OBJECT`. * - * @param signature the signature block - * @param signed_data signed data; this is the commit contents minus the signature block + * @param signature the signature block; existing content will be + * overwritten + * @param signed_data signed data; this is the commit contents minus the signature block; + * existing content will be overwritten * @param repo the repository in which the commit exists * @param commit_id the commit from which to extract the data * @param field the name of the header field containing the signature diff --git a/src/commit.c b/src/commit.c index 87ab2ab60..89a4db115 100644 --- a/src/commit.c +++ b/src/commit.c @@ -642,7 +642,7 @@ int git_commit_header_field(git_buf *out, const git_commit *commit, const char * { const char *eol, *buf = commit->raw_header; - git_buf_sanitize(out); + git_buf_clear(out); while ((eol = strchr(buf, '\n'))) { /* We can skip continuations here */ @@ -706,8 +706,8 @@ int git_commit_extract_signature(git_buf *signature, git_buf *signed_data, git_r const char *h, *eol; int error; - git_buf_sanitize(signature); - git_buf_sanitize(signed_data); + git_buf_clear(signature); + git_buf_clear(signed_data); if (!field) field = "gpgsig";