From 8b44b2be89bf59c0fada6095bdfea66ff53c6074 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Fri, 13 Apr 2018 15:18:35 -0600 Subject: gpg-interface: find the last gpg signature line A signed tag has a detached signature like this: object ... [...more header...] This is the tag body. -----BEGIN PGP SIGNATURE----- [opaque gpg data] -----END PGP SIGNATURE----- Our parser finds the _first_ line that appears to start a PGP signature block, meaning we may be confused by a signature (or a signature-like line) in the actual body. Let's keep parsing and always find the final block, which should be the detached signature over all of the preceding content. Signed-off-by: Jeff King Signed-off-by: Ben Toews Signed-off-by: Junio C Hamano diff --git a/gpg-interface.c b/gpg-interface.c index 79333c1..0647bd6 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -110,11 +110,17 @@ static int is_gpg_start(const char *line) size_t parse_signature(const char *buf, size_t size) { size_t len = 0; - while (len < size && !is_gpg_start(buf + len)) { - const char *eol = memchr(buf + len, '\n', size - len); + size_t match = size; + while (len < size) { + const char *eol; + + if (is_gpg_start(buf + len)) + match = len; + + eol = memchr(buf + len, '\n', size - len); len += eol ? eol - (buf + len) + 1 : size - len; } - return len; + return match; } void set_signing_key(const char *key) diff --git a/t/t7004-tag.sh b/t/t7004-tag.sh index ee093b3..e3f1e01 100755 --- a/t/t7004-tag.sh +++ b/t/t7004-tag.sh @@ -1059,6 +1059,17 @@ test_expect_success GPG \ git tag -v blanknonlfile-signed-tag ' +test_expect_success GPG 'signed tag with embedded PGP message' ' + cat >msg <<-\EOF && + -----BEGIN PGP MESSAGE----- + + this is not a real PGP message + -----END PGP MESSAGE----- + EOF + git tag -s -F msg confusing-pgp-message && + git tag -v confusing-pgp-message +' + # messages with commented lines for signed tags: cat >sigcommentsfile <