To make this code independent of the hash size, verify that the length
of the comment is equal to that of any supported hash algorithm.
Signed-off-by: brian m. carlson <sand...@crustytoothpaste.net>
---
builtin/get-tar-commit-id.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/builtin/get-tar-commit-id.c b/builtin/get-tar-commit-id.c
index 312e44ed05..491af9202d 100644
--- a/builtin/get-tar-commit-id.c
+++ b/builtin/get-tar-commit-id.c
@@ -41,7 +41,8 @@ int cmd_get_tar_commit_id(int argc, const char **argv, const
char *prefix)
if (!skip_prefix(end, " comment=", &comment))
return 1;
len -= comment - content;
- if (len != GIT_SHA1_HEXSZ + 1)
+ if (len < 1 || !(len % 2) ||
+ hash_algo_by_length((len - 1) / 2) == GIT_HASH_UNKNOWN)
return 1;
if (write_in_full(1, comment, len) < 0)
