odb: verify hashes in read_prefix_1

While the function reading an object from the complete OID already verifies OIDs, we do not yet do so for reading objects from a partial OID. Do so when strict OID verification is enabled.
author: Patrick Steinhardt <ps@pks.im> 2017-04-28 14:05:15 +0200
committer: Patrick Steinhardt <ps@pks.im> 2017-04-28 14:10:37 +0200
commit: e0973bc0fc2b04b6bb27e4ce4db2b37e9577a75d (patch)
tree: 651c7a236dd9cedff8581ad325c3d50eb368231b
parent: 141096202b459a70ca127b1a56a6923a75a064e4 (diff)
download: libgit2-e0973bc0fc2b04b6bb27e4ce4db2b37e9577a75d.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/src/odb.c b/src/odb.c
index e87114769..3090ccaac 100644
--- a/src/odb.c
+++ b/src/odb.c
@@ -1146,6 +1146,18 @@ static int read_prefix_1(git_odb_object **out, git_odb *db,
 	if (!found)
 		return GIT_ENOTFOUND;
 
+	if (git_odb__strict_hash_verification) {
+		git_oid hash;
+
+		if ((error = git_odb_hash(&hash, raw.data, raw.len, raw.type)) < 0)
+			goto out;
+
+		if (!git_oid_equal(&found_full_oid, &hash)) {
+			error = git_odb__error_mismatch(&found_full_oid, &hash);
+			goto out;
+		}
+	}
+
 	if ((object = odb_object__alloc(&found_full_oid, &raw)) == NULL)
 		goto out;
author	Patrick Steinhardt <ps@pks.im>	2017-04-28 14:05:15 +0200
committer	Patrick Steinhardt <ps@pks.im>	2017-04-28 14:10:37 +0200
commit	e0973bc0fc2b04b6bb27e4ce4db2b37e9577a75d (patch)
tree	651c7a236dd9cedff8581ad325c3d50eb368231b
parent	141096202b459a70ca127b1a56a6923a75a064e4 (diff)
download	libgit2-e0973bc0fc2b04b6bb27e4ce4db2b37e9577a75d.tar.gz