On 5/9/2019 5:32 PM, Jeff King wrote:
> Instead, let's do our type check by loading the object via
> parse_object(). That will attach the buffer to the struct so it can be
> used later by check_commit_signature(). And it ensures that
> lookup_commit() will return something sane.
This is a good idea.
> -static int run_gpg_verify(const struct object_id *oid, const char *buf,
> unsigned long size, unsigned flags)
> +static int run_gpg_verify(struct commit *commit, unsigned flags)
> {
> struct signature_check signature_check;
> int ret;
>
> memset(&signature_check, 0, sizeof(signature_check));
>
> - ret = check_commit_signature(lookup_commit(the_repository, oid),
> - &signature_check);
> + ret = check_commit_signature(commit, &signature_check);
> print_signature_buffer(&signature_check, flags);
Bonus drop of the_repository.
>
> signature_check_clear(&signature_check);
> @@ -38,26 +37,20 @@ static int run_gpg_verify(const struct object_id *oid,
> const char *buf, unsigned
>
> static int verify_commit(const char *name, unsigned flags)
> {
> - enum object_type type;
> struct object_id oid;
> - char *buf;
> - unsigned long size;
> - int ret;
> + struct object *obj;
>
> if (get_oid(name, &oid))
> return error("commit '%s' not found.", name);
>
> - buf = read_object_file(&oid, &type, &size);
> - if (!buf)
> + obj = parse_object(the_repository, &oid);
...and it is back, but "higher" up. That's fine.
> + if (!obj)
> return error("%s: unable to read file.", name);
> - if (type != OBJ_COMMIT)
> + if (obj->type != OBJ_COMMIT)
> return error("%s: cannot verify a non-commit object of type
> %s.",
> - name, type_name(type));
> -
> - ret = run_gpg_verify(&oid, buf, size, flags);
> + name, type_name(obj->type));
>
> - free(buf);
> - return ret;
> + return run_gpg_verify((struct commit *)obj, flags);
> }
You pointed out that you thought this patch was subtle. I agree that
there is a slightly changed functionality, but it seems to be
improving a possibly wrong behavior.
Thanks,
-Stolee
