diff --git a/CHANGELOG.md b/CHANGELOG.md index ec5a0d336..9c50f1211 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,6 +29,11 @@ v0.23 + 1 * Rebases can now be performed purely in-memory, without touching the repository's workdir. +* When adding objects to the index, or when creating new tree or commit + objects, the inputs are validated to ensure that the dependent objects + exist and are of the correct type. This object validation can be + disabled with the GIT_OPT_ENABLE_STRICT_OBJECT_CREATION option. + ### API additions * `git_config_lock()` has been added, which allow for diff --git a/src/object.c b/src/object.c index e7c1fef09..ebf77fb47 100644 --- a/src/object.c +++ b/src/object.c @@ -14,7 +14,7 @@ #include "blob.h" #include "tag.h" -bool git_object__strict_input_validation = false; +bool git_object__strict_input_validation = true; typedef struct { const char *str; /* type name string */ diff --git a/tests/commit/write.c b/tests/commit/write.c index 303d1ce58..96b7cc321 100644 --- a/tests/commit/write.c +++ b/tests/commit/write.c @@ -38,7 +38,7 @@ void test_commit_write__cleanup(void) cl_git_sandbox_cleanup(); - cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 0)); + cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 1)); } @@ -196,10 +196,12 @@ static int create_commit_from_ids( return ret; } -void test_commit_write__doesnt_validate_objects_by_default(void) +void test_commit_write__can_write_invalid_objects(void) { git_oid expected_id, tree_id, parent_id, commit_id; + cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 0)); + /* this is a valid tree and parent */ git_oid_fromstr(&tree_id, tree_id_str); git_oid_fromstr(&parent_id, parent_id_str); @@ -237,8 +239,6 @@ void test_commit_write__can_validate_objects(void) { git_oid tree_id, parent_id, commit_id; - cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 1)); - /* this is a valid tree and parent */ git_oid_fromstr(&tree_id, tree_id_str); git_oid_fromstr(&parent_id, parent_id_str); diff --git a/tests/index/add.c b/tests/index/add.c index cfa81c4d9..f101ea266 100644 --- a/tests/index/add.c +++ b/tests/index/add.c @@ -20,7 +20,7 @@ void test_index_add__cleanup(void) cl_git_sandbox_cleanup(); g_repo = NULL; - cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 0)); + cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 1)); } static void test_add_entry( @@ -42,7 +42,7 @@ static void test_add_entry( void test_index_add__invalid_entries_succeeds_by_default(void) { /* - * Ensure that there is no validation on ids by default + * Ensure that there is validation on object ids by default */ /* ensure that we can add some actually good entries */ @@ -50,27 +50,6 @@ void test_index_add__invalid_entries_succeeds_by_default(void) test_add_entry(true, valid_blob_id, GIT_FILEMODE_BLOB_EXECUTABLE); test_add_entry(true, valid_blob_id, GIT_FILEMODE_LINK); - /* test that we fail to add some invalid (missing) blobs and trees */ - test_add_entry(true, invalid_id, GIT_FILEMODE_BLOB); - test_add_entry(true, invalid_id, GIT_FILEMODE_BLOB_EXECUTABLE); - test_add_entry(true, invalid_id, GIT_FILEMODE_LINK); - - /* test that we validate the types of objects */ - test_add_entry(true, valid_commit_id, GIT_FILEMODE_BLOB); - test_add_entry(true, valid_tree_id, GIT_FILEMODE_BLOB_EXECUTABLE); - test_add_entry(true, valid_commit_id, GIT_FILEMODE_LINK); - - /* - * Ensure that strict object references will fail the `index_add` - */ - - cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 1)); - - /* ensure that we can add some actually good entries */ - test_add_entry(true, valid_blob_id, GIT_FILEMODE_BLOB); - test_add_entry(true, valid_blob_id, GIT_FILEMODE_BLOB_EXECUTABLE); - test_add_entry(true, valid_blob_id, GIT_FILEMODE_LINK); - /* test that we fail to add some invalid (missing) blobs and trees */ test_add_entry(false, invalid_id, GIT_FILEMODE_BLOB); test_add_entry(false, invalid_id, GIT_FILEMODE_BLOB_EXECUTABLE); @@ -80,5 +59,26 @@ void test_index_add__invalid_entries_succeeds_by_default(void) test_add_entry(false, valid_commit_id, GIT_FILEMODE_BLOB); test_add_entry(false, valid_tree_id, GIT_FILEMODE_BLOB_EXECUTABLE); test_add_entry(false, valid_commit_id, GIT_FILEMODE_LINK); + + /* + * Ensure that there we can disable validation + */ + + cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 0)); + + /* ensure that we can add some actually good entries */ + test_add_entry(true, valid_blob_id, GIT_FILEMODE_BLOB); + test_add_entry(true, valid_blob_id, GIT_FILEMODE_BLOB_EXECUTABLE); + test_add_entry(true, valid_blob_id, GIT_FILEMODE_LINK); + + /* test that we can now add some invalid (missing) blobs and trees */ + test_add_entry(true, invalid_id, GIT_FILEMODE_BLOB); + test_add_entry(true, invalid_id, GIT_FILEMODE_BLOB_EXECUTABLE); + test_add_entry(true, invalid_id, GIT_FILEMODE_LINK); + + /* test that we do not validate the types of objects */ + test_add_entry(true, valid_commit_id, GIT_FILEMODE_BLOB); + test_add_entry(true, valid_tree_id, GIT_FILEMODE_BLOB_EXECUTABLE); + test_add_entry(true, valid_commit_id, GIT_FILEMODE_LINK); } diff --git a/tests/object/tree/write.c b/tests/object/tree/write.c index f779b8ce6..341f5db72 100644 --- a/tests/object/tree/write.c +++ b/tests/object/tree/write.c @@ -19,7 +19,7 @@ void test_object_tree_write__cleanup(void) { cl_git_sandbox_cleanup(); - cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 0)); + cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 1)); } void test_object_tree_write__from_memory(void) @@ -492,11 +492,11 @@ static void test_invalid_objects(bool should_allow_invalid) void test_object_tree_write__object_validity(void) { - /* Ensure that we can add invalid objects by default */ - test_invalid_objects(true); - - /* Ensure that we can turn on validation */ - cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 1)); + /* Ensure that we cannot add invalid objects by default */ test_invalid_objects(false); + + /* Ensure that we can turn off validation */ + cl_git_pass(git_libgit2_opts(GIT_OPT_ENABLE_STRICT_OBJECT_CREATION, 0)); + test_invalid_objects(true); }