From: Junio C Hamano <gitster@pobox.com>
To: "Michał Górny" <mgorny@gentoo.org>
Cc: git@vger.kernel.org
Subject: Re: [PATCH v3] gpg-interface.c: detect and reject multiple signatures on commits
Date: Tue, 16 Oct 2018 11:13:34 +0900 [thread overview]
Message-ID: <xmqqva623agh.fsf@gitster-ct.c.googlers.com> (raw)
In-Reply-To: <1539636266.1014.6.camel@gentoo.org> ("Michał Górny"'s message of "Mon, 15 Oct 2018 22:44:26 +0200")
Michał Górny <mgorny@gentoo.org> writes:
>> OK, so the whole thing makes sense to me.
>>
>> Having said that, if we wanted to short-circuit, I think
>>
>> for (each line) {
>> for (each sigcheck_gpg_status[]) {
>> if (not the one on line)
>> continue;
>> if (sigc->result != 'U') {
>> if (sigc->key)
>> goto found_dup;
>> sigc->key = make a copy;
>> if (*next && sigc->result != 'E') {
>> if (sigc->signer)
>> goto found_dup;
>> sigc->signer = make a copy;
>> }
>> }
>> break;
>> }
>> }
>> return;
>>
>> found_dup:
>> sigc->result = 'E';
>> FREE_AND_NULL(sigc->signer);
>> FREE_AND_NULL(sigc->key);
>> return;
>>
>> would also be fine.
>
> Do I understand correctly that you mean to take advantage that 'seen
> exclusive status' cases match 'seen key' cases? I think this would be
> a little less readable.
Yes, the above is taking advantage of: exclusive ones do give us
key and/or signer, so it is a sign that we've found collision
between two exclusive status line if we need to free and replace.
But that was "whole thing makes sense, but if we wanted to...". I
do not know if we want to short-circuit upon finding a single
problem, or parse the whole thing to the end. I guess we could
short-circuit while still using the "seen-exclusive" variable (we
can just do so at the place seen-exclusive is incremented---if it is
already one, then we know we have seen one already and we are
looking at another one).
> That said, I was planning on next patch that replaced the "!= 'U'" test
> with explicit flags for whether a particular status includes key
> and UID. If you'd agree with this direction, I think having this one
> separate as well would make sense.
Yup, it might be a bit over-engineered for this code, but we are
adding the "exclusive" bit to the status[] array already, and I
think it makes sense to also have "does this give us key?" and "does
this tell us signer?" bit there.
Thanks.
prev parent reply other threads:[~2018-10-16 2:13 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-12 21:09 [PATCH v3] gpg-interface.c: detect and reject multiple signatures on commits Michał Górny
2018-10-15 2:39 ` Junio C Hamano
2018-10-15 3:31 ` Junio C Hamano
2018-10-15 20:44 ` Michał Górny
2018-10-16 2:13 ` Junio C Hamano [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqva623agh.fsf@gitster-ct.c.googlers.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=mgorny@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).