Class ObjectChecker
Verifications made by this class only check that the fields of an object are formatted correctly. The ObjectId checksum of the object is not verified, and connectivity links between objects are also not verified. Its assumed that the caller can provide both of these validations on its own.
Instances of this class are not thread safe, but they may be reused to
perform multiple object validations, calling reset()
between them to
clear the internal state (e.g. getGitsubmodules()
)
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enum
Potential issues identified by the checker. -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate boolean
static final byte[]
Header "author "private final MutableInteger
static final byte[]
Header "committer "private static final byte[]
Path ".gitmodules"static final byte[]
Header "encoding "private EnumSet
<ObjectChecker.ErrorType> private final List
<GitmoduleEntry> private boolean
static final byte[]
Header "object "static final byte[]
Header "parent "private ObjectIdSet
static final byte[]
Header "tag "static final byte[]
Header "tagger "private final MutableObjectId
static final byte[]
Header "tree "static final byte[]
Header "type "private boolean
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
check
(int objType, byte[] raw) Check an object for parsing errors.void
check
(AnyObjectId id, int objType, byte[] raw) Check an object for parsing errors.void
checkBlob
(byte[] raw) Check a blob for errors.void
checkCommit
(byte[] raw) Check a commit for errors.void
checkCommit
(AnyObjectId id, byte[] raw) Check a commit for errors.private boolean
checkId
(byte[] raw) private void
checkNotWindowsDevice
(byte[] raw, int ptr, int end, AnyObjectId id) void
checkPath
(byte[] raw, int ptr, int end) Check tree path entry for validity.void
Check tree path entry for validity.void
checkPathSegment
(byte[] raw, int ptr, int end) Check tree path entry for validity.private void
checkPathSegment2
(byte[] raw, int ptr, int end, AnyObjectId id) private void
checkPersonIdent
(byte[] raw, AnyObjectId id) void
checkTag
(byte[] raw) Check an annotated tag for errors.void
checkTag
(AnyObjectId id, byte[] raw) Check an annotated tag for errors.void
checkTree
(byte[] raw) Check a canonical formatted tree for errors.void
checkTree
(AnyObjectId id, byte[] raw) Check a canonical formatted tree for errors.private boolean
checkTruncatedIgnorableUTF8
(byte[] raw, int ptr, int end, AnyObjectId id) private static boolean
duplicateName
(byte[] raw, int thisNamePos, int thisNameEnd) Get the list of ".gitmodules" files found in the pack.private ObjectId
idFor
(int objType, byte[] raw) private static boolean
isGit
(byte[] buf, int p) private boolean
isGitmodules
(byte[] buf, int start, int end, AnyObjectId id) Check if the filename contained in buf[start:end] could be read as a .gitmodules file when checked out to the working directory.private static boolean
isGitTilde1
(byte[] buf, int p, int end) private static boolean
isInvalidOnWindows
(byte c) private boolean
isMacHFSGit
(byte[] raw, int ptr, int end, AnyObjectId id) private boolean
isMacHFSGitmodules
(byte[] raw, int ptr, int end, AnyObjectId id) private boolean
isMacHFSPath
(byte[] raw, int ptr, int end, byte[] path, AnyObjectId id) private static boolean
isNormalizedGit
(byte[] raw, int ptr, int end) private boolean
isNTFSGitmodules
(byte[] buf, int start, int end) private static boolean
isPositiveDigit
(byte b) private boolean
match
(byte[] b, byte[] src) private boolean
matchLowerCase
(byte[] b, int ptr, byte[] src) Create a newBlobObjectChecker
.private String
normalize
(byte[] raw, int ptr, int end) private void
report
(ObjectChecker.ErrorType err, AnyObjectId id, String why) void
reset()
Reset the invocation-specific state from this instance.private int
scanPathSegment
(byte[] raw, int ptr, int end, AnyObjectId id) setAllowInvalidPersonIdent
(boolean allow) Enable accepting invalid author, committer and tagger identities.setAllowLeadingZeroFileMode
(boolean allow) Enable accepting leading zero mode in tree entries.Configure error types to be ignored across all objects.setIgnore
(ObjectChecker.ErrorType id, boolean ignore) Add message type to be ignored across all objects.setSafeForMacOS
(boolean mac) Restrict trees to only names legal on Mac OS X platforms.setSafeForWindows
(boolean win) Restrict trees to only names legal on Windows platforms.setSkipList
(ObjectIdSet objects) Enable accepting specific malformed (but not horribly broken) objects.private static String
toHexString
(byte[] raw, int ptr, int end) private static char
toLower
(byte b)
-
Field Details
-
tree
public static final byte[] treeHeader "tree " -
parent
public static final byte[] parentHeader "parent " -
author
public static final byte[] authorHeader "author " -
committer
public static final byte[] committerHeader "committer " -
encoding
public static final byte[] encodingHeader "encoding " -
object
public static final byte[] objectHeader "object " -
type
public static final byte[] typeHeader "type " -
tag
public static final byte[] tagHeader "tag " -
tagger
public static final byte[] taggerHeader "tagger " -
dotGitmodules
private static final byte[] dotGitmodulesPath ".gitmodules" -
tempId
-
bufPtr
-
errors
-
skipList
-
allowInvalidPersonIdent
private boolean allowInvalidPersonIdent -
windows
private boolean windows -
macosx
private boolean macosx -
gitsubmodules
-
-
Constructor Details
-
ObjectChecker
public ObjectChecker()
-
-
Method Details
-
setSkipList
Enable accepting specific malformed (but not horribly broken) objects.- Parameters:
objects
- collection of object names known to be broken in a non-fatal way that should be ignored by the checker.- Returns:
this
- Since:
- 4.2
-
setIgnore
Configure error types to be ignored across all objects.- Parameters:
ids
- error types to ignore. The caller's set is copied.- Returns:
this
- Since:
- 4.2
-
setIgnore
Add message type to be ignored across all objects.- Parameters:
id
- error type to ignore.ignore
- true to ignore this error; false to treat the error as an error and throw.- Returns:
this
- Since:
- 4.2
-
setAllowLeadingZeroFileMode
Enable accepting leading zero mode in tree entries.Some broken Git libraries generated leading zeros in the mode part of tree entries. This is technically incorrect but gracefully allowed by git-core. JGit rejects such trees by default, but may need to accept them on broken histories.
Same as
setIgnore(ZERO_PADDED_FILEMODE, allow)
.- Parameters:
allow
- allow leading zero mode.- Returns:
this
.- Since:
- 3.4
-
setAllowInvalidPersonIdent
Enable accepting invalid author, committer and tagger identities.Some broken Git versions/libraries allowed users to create commits and tags with invalid formatting between the name, email and timestamp.
- Parameters:
allow
- if true accept invalid person identity strings.- Returns:
this
.- Since:
- 4.0
-
setSafeForWindows
Restrict trees to only names legal on Windows platforms.Also rejects any mixed case forms of reserved names (
.git
).- Parameters:
win
- true if Windows name checking should be performed.- Returns:
this
.- Since:
- 3.4
-
setSafeForMacOS
Restrict trees to only names legal on Mac OS X platforms.Rejects any mixed case forms of reserved names (
.git
) for users working on HFS+ in case-insensitive (default) mode.- Parameters:
mac
- true if Mac OS X name checking should be performed.- Returns:
this
.- Since:
- 3.4
-
check
Check an object for parsing errors.- Parameters:
objType
- type of the object. Must be a valid object type code inConstants
.raw
- the raw data which comprises the object. This should be in the canonical format (that is the format used to generate the ObjectId of the object). The array is never modified.- Throws:
CorruptObjectException
- if an error is identified.
-
check
Check an object for parsing errors.- Parameters:
id
- identify of the object being checked.objType
- type of the object. Must be a valid object type code inConstants
.raw
- the raw data which comprises the object. This should be in the canonical format (that is the format used to generate the ObjectId of the object). The array is never modified.- Throws:
CorruptObjectException
- if an error is identified.- Since:
- 4.2
-
checkId
private boolean checkId(byte[] raw) -
checkPersonIdent
- Throws:
CorruptObjectException
-
checkCommit
Check a commit for errors.- Parameters:
raw
- the commit data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.
-
checkCommit
Check a commit for errors.- Parameters:
id
- identity of the object being checked.raw
- the commit data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.- Since:
- 4.2
-
checkTag
Check an annotated tag for errors.- Parameters:
raw
- the tag data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.
-
checkTag
Check an annotated tag for errors.- Parameters:
id
- identity of the object being checked.raw
- the tag data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.- Since:
- 4.2
-
duplicateName
private static boolean duplicateName(byte[] raw, int thisNamePos, int thisNameEnd) -
checkTree
Check a canonical formatted tree for errors.- Parameters:
raw
- the raw tree data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.
-
checkTree
Check a canonical formatted tree for errors.- Parameters:
id
- identity of the object being checked.raw
- the raw tree data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.- Since:
- 4.2
-
scanPathSegment
private int scanPathSegment(byte[] raw, int ptr, int end, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
idFor
-
report
private void report(@NonNull ObjectChecker.ErrorType err, @Nullable AnyObjectId id, String why) throws CorruptObjectException - Throws:
CorruptObjectException
-
checkPath
Check tree path entry for validity.Unlike
checkPathSegment(byte[], int, int)
, this version scans a multi-directory path string such as"src/main.c"
.- Parameters:
path
- path string to scan.- Throws:
CorruptObjectException
- path is invalid.- Since:
- 3.6
-
checkPath
Check tree path entry for validity.Unlike
checkPathSegment(byte[], int, int)
, this version scans a multi-directory path string such as"src/main.c"
.- Parameters:
raw
- buffer to scan.ptr
- offset to first byte of the name.end
- offset to one past last byte of name.- Throws:
CorruptObjectException
- path is invalid.- Since:
- 3.6
-
checkPathSegment
Check tree path entry for validity.- Parameters:
raw
- buffer to scan.ptr
- offset to first byte of the name.end
- offset to one past last byte of name.- Throws:
CorruptObjectException
- name is invalid.- Since:
- 3.4
-
checkPathSegment2
private void checkPathSegment2(byte[] raw, int ptr, int end, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
isMacHFSPath
private boolean isMacHFSPath(byte[] raw, int ptr, int end, byte[] path, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
isMacHFSGit
private boolean isMacHFSGit(byte[] raw, int ptr, int end, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
isMacHFSGitmodules
private boolean isMacHFSGitmodules(byte[] raw, int ptr, int end, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
checkTruncatedIgnorableUTF8
private boolean checkTruncatedIgnorableUTF8(byte[] raw, int ptr, int end, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
toHexString
-
checkNotWindowsDevice
private void checkNotWindowsDevice(byte[] raw, int ptr, int end, @Nullable AnyObjectId id) throws CorruptObjectException - Throws:
CorruptObjectException
-
isInvalidOnWindows
private static boolean isInvalidOnWindows(byte c) -
isGit
private static boolean isGit(byte[] buf, int p) -
isGitmodules
private boolean isGitmodules(byte[] buf, int start, int end, @Nullable AnyObjectId id) throws CorruptObjectException Check if the filename contained in buf[start:end] could be read as a .gitmodules file when checked out to the working directory. This ought to be a simple comparison, but some filesystems have peculiar rules for normalizing filenames: NTFS has backward-compatibility support for 8.3 synonyms of long file names (see https://web.archive.org/web/20160318181041/https://usn.pw/blog/gen/2015/06/09/filenames/ for details). NTFS is also case-insensitive. MacOS's HFS+ folds away ignorable Unicode characters in addition to case folding.- Parameters:
buf
- byte array to decodestart
- position where a supposed filename is startingend
- position where a supposed filename is endingid
- object id for error reporting- Returns:
- true if the filename in buf could be a ".gitmodules" file
- Throws:
CorruptObjectException
-
matchLowerCase
private boolean matchLowerCase(byte[] b, int ptr, byte[] src) -
isNTFSGitmodules
private boolean isNTFSGitmodules(byte[] buf, int start, int end) -
isGitTilde1
private static boolean isGitTilde1(byte[] buf, int p, int end) -
isNormalizedGit
private static boolean isNormalizedGit(byte[] raw, int ptr, int end) -
match
private boolean match(byte[] b, byte[] src) -
toLower
private static char toLower(byte b) -
isPositiveDigit
private static boolean isPositiveDigit(byte b) -
newBlobObjectChecker
Create a newBlobObjectChecker
.- Returns:
- new BlobObjectChecker or null if it's not provided.
- Since:
- 4.9
-
checkBlob
Check a blob for errors.This may not be called from PackParser in some cases. Use
newBlobObjectChecker()
instead.- Parameters:
raw
- the blob data. The array is never modified.- Throws:
CorruptObjectException
- if any error was detected.
-
normalize
-
getGitsubmodules
Get the list of ".gitmodules" files found in the pack. For each, report its blob id (e.g. to validate its contents) and the tree where it was found (e.g. to check if it is in the root)- Returns:
- List of pairs of ids <tree, blob>.
- Since:
- 4.7.5
-
reset
public void reset()Reset the invocation-specific state from this instance. Specifically this clears the list of .gitmodules files encountered (seegetGitsubmodules()
) Configurations like errors to filter, skip lists or the specified O.S. (set viasetSafeForMacOS(boolean)
orsetSafeForWindows(boolean)
) are NOT cleared.- Since:
- 5.2
-