lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190710231919.9631-1-mcroce@redhat.com>
Date:   Thu, 11 Jul 2019 01:19:19 +0200
From:   Matteo Croce <mcroce@...hat.com>
To:     LKML <linux-kernel@...r.kernel.org>
Cc:     Andy Whitcroft <apw@...onical.com>, Joe Perches <joe@...ches.com>
Subject: [PATCH] checkpatch.pl: warn on invalid commit hash

It can happen that a commit message refers to an invalid hash, because
the referenced hash changed following a rebase, or simply by mistake.
Add a check in checkpatch.pl which checks that an hash referenced by a Fixes
tag or just cited in the commit message is a valid commit hash.

    $ scripts/checkpatch.pl <<'EOF'
    Subject: [PATCH] test commit

    Sample test commit to test checkpatch.pl
    Commit 1da177e4c3f4 ("Linux-2.6.12-rc2") really exists,
    commit 0bba044c4ce7 ("tree") is valid but not a commit,
    while commit b4cc0b1c0cca ("unknown") is invalid.

    Fixes: f0cacc14cade ("unknown")
    Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
    EOF
    WARNING: Invalid hash 0bba044c4ce7
    WARNING: Invalid hash b4cc0b1c0cca
    WARNING: Invalid hash f0cacc14cade
    total: 0 errors, 3 warnings, 4 lines checked

Signed-off-by: Matteo Croce <mcroce@...hat.com>
---
 scripts/checkpatch.pl | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index a6d436809bf5..6fe15fbe876f 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -2898,6 +2898,13 @@ sub process {
 			}
 		}
 
+# check for invalid hashes
+		if ($in_commit_log && $line =~ /(^fixes:|commit)\s+([0-9a-f]{6,40})\b/i) {
+			if (`git cat-file -t $2 2>/dev/null` ne "commit\n") {
+				WARN('INVALID_COMMIT_HASH', "Invalid commit hash $2");
+			}
+		}
+
 # ignore non-hunk lines and lines being removed
 		next if (!$hunk_line || $line =~ /^-/);
 
-- 
2.21.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ