From 8a1c7533e2ee468a505656abab364780b15004fc Mon Sep 17 00:00:00 2001
From: Michael Haggerty <mhagger@alum.mit.edu>
Date: Wed, 1 Oct 2014 12:28:21 +0200
Subject: commit_lock_file(): die() if called for unlocked lockfile object

It was previously a bug to call commit_lock_file() with a lock_file
object that was not active (an illegal access would happen within the
function).  It was presumably never done, but this would be an easy
programming error to overlook.  So before continuing, do a consistency
check that the lock_file object really is locked.

Helped-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/Documentation/technical/api-lockfile.txt b/Documentation/technical/api-lockfile.txt
index 99830f3..6538610 100644
--- a/Documentation/technical/api-lockfile.txt
+++ b/Documentation/technical/api-lockfile.txt
@@ -147,7 +147,8 @@ commit_lock_file::
 	`hold_lock_file_for_append`, close the file descriptor and
 	rename the lockfile to its final destination. Return 0 upon
 	success or a negative value on failure to `close(2)` or
-	`rename(2)`.
+	`rename(2)`. It is a bug to call `commit_lock_file()` for a
+	`lock_file` object that is not currently locked.
 
 rollback_lock_file::
 
diff --git a/lockfile.c b/lockfile.c
index e148227..c897dd8 100644
--- a/lockfile.c
+++ b/lockfile.c
@@ -301,6 +301,9 @@ int commit_lock_file(struct lock_file *lk)
 {
 	char result_file[PATH_MAX];
 
+	if (!lk->filename[0])
+		die("BUG: attempt to commit unlocked object");
+
 	if (close_lock_file(lk))
 		return -1;
 
-- 
cgit v0.10.2-6-g49f6