From: Stefan Sperling <stsp@stsp.name>
Subject: Re: got-read-patch: don't hardcode SHA1_DIGEST_LENGTH
To: Omar Polo <op@omarpolo.com>
Cc: gameoftrees@openbsd.org
Date: Fri, 2 Aug 2024 08:10:21 +0200

On Fri, Aug 02, 2024 at 12:49:35AM +0200, Omar Polo wrote:
> @@ -193,7 +193,11 @@ blobid(const char *line, char **blob, int git)
>  	if ((*blob = strndup(line, len)) == NULL)
>  		return got_error_from_errno("strndup");
>  
> -	if (!git && !got_parse_hash_digest(digest, *blob, GOT_HASH_SHA1)) {
> +	if (git)
> +		return NULL;
> +
> +	if (!got_parse_hash_digest(digest, *blob, GOT_HASH_SHA1) &&
> +	    !got_parse_hash_digest(digest, *blob, GOT_HASH_SHA256)) {

The order of these checks should be flipped because sha2 is longer.
A sha2 hash could end up "truncated" and misparsed as a sha1 hash.

>  		/* silently ignore invalid blob ids */
>  		free(*blob);
>  		*blob = NULL;
> 
>