path: root/builtin/verify-commit.c
diff options
authorJeff King <>2019-05-09 21:32:29 (GMT)
committerJunio C Hamano <>2019-05-13 05:22:54 (GMT)
commit837303700a73836930cfe1e870e5abb8c730e2fd (patch)
treebe41eb6c58a4fb3bd8b545ad082609dec06ff324 /builtin/verify-commit.c
parentd713e88c401f2af054b7b653e83e2cd0795ef140 (diff)
verify-commit: simplify parameters to run_gpg_verify()
The buf/len parameters of run_gpg_verify() have never been used since the function was added in d07b00b7f3 (verify-commit: scriptable commit signature verification, 2014-06-23). Instead, check_commit_signature() accesses the commit struct directly. Worse, we read the whole object just to check its type and do not attach it to the "struct commit". Meaning we end up loading the object from disk twice for no good reason. And to further confuse matters, our type check is comes from what we read from disk, but we later assume that lookup_commit() will return non-NULL. This might not be true if some other object previously referenced the same oid as a non-commit (though this may be impossible to trigger in practice since we don't generally parse any other objects in this command). Instead, let's do our type check by loading the object via parse_object(). That will attach the buffer to the struct so it can be used later by check_commit_signature(). And it ensures that lookup_commit() will return something sane. And then we can just drop the unused "buf" and "len" parameters entirely. Signed-off-by: Jeff King <> Signed-off-by: Junio C Hamano <>
Diffstat (limited to 'builtin/verify-commit.c')
1 files changed, 8 insertions, 15 deletions
diff --git a/builtin/verify-commit.c b/builtin/verify-commit.c
index 7772c07..4b9e823 100644
--- a/builtin/verify-commit.c
+++ b/builtin/verify-commit.c
@@ -21,15 +21,14 @@ static const char * const verify_commit_usage[] = {
-static int run_gpg_verify(const struct object_id *oid, const char *buf, unsigned long size, unsigned flags)
+static int run_gpg_verify(struct commit *commit, unsigned flags)
struct signature_check signature_check;
int ret;
memset(&signature_check, 0, sizeof(signature_check));
- ret = check_commit_signature(lookup_commit(the_repository, oid),
- &signature_check);
+ ret = check_commit_signature(commit, &signature_check);
print_signature_buffer(&signature_check, flags);
@@ -38,26 +37,20 @@ static int run_gpg_verify(const struct object_id *oid, const char *buf, unsigned
static int verify_commit(const char *name, unsigned flags)
- enum object_type type;
struct object_id oid;
- char *buf;
- unsigned long size;
- int ret;
+ struct object *obj;
if (get_oid(name, &oid))
return error("commit '%s' not found.", name);
- buf = read_object_file(&oid, &type, &size);
- if (!buf)
+ obj = parse_object(the_repository, &oid);
+ if (!obj)
return error("%s: unable to read file.", name);
- if (type != OBJ_COMMIT)
+ if (obj->type != OBJ_COMMIT)
return error("%s: cannot verify a non-commit object of type %s.",
- name, type_name(type));
- ret = run_gpg_verify(&oid, buf, size, flags);
+ name, type_name(obj->type));
- free(buf);
- return ret;
+ return run_gpg_verify((struct commit *)obj, flags);
static int git_verify_commit_config(const char *var, const char *value, void *cb)