From da53282acc8fcdec3666ce8e9f4cea5e4be9502e Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Thu, 10 Jan 2019 14:33:03 +0100 Subject: pkg/vcs: relax check on git hash length We've seen 15 and 17 char hashes already. And 14 wasn't initially in the list, but somebody used it. Relax the check to 8..40 chars. --- pkg/vcs/vcs.go | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'pkg/vcs/vcs.go') diff --git a/pkg/vcs/vcs.go b/pkg/vcs/vcs.go index 4359a575e..cffefcde2 100644 --- a/pkg/vcs/vcs.go +++ b/pkg/vcs/vcs.go @@ -137,11 +137,7 @@ func CheckBranch(branch string) bool { } func CheckCommitHash(hash string) bool { - if !gitHashRe.MatchString(hash) { - return false - } - ln := len(hash) - return ln == 8 || ln == 10 || ln == 12 || ln == 14 || ln == 16 || ln == 20 || ln == 40 + return gitHashRe.MatchString(hash) } func runSandboxed(dir, command string, args ...string) ([]byte, error) { @@ -157,7 +153,7 @@ var ( // nolint: lll gitRepoRe = regexp.MustCompile(`^(git|ssh|http|https|ftp|ftps)://[a-zA-Z0-9-_]+(\.[a-zA-Z0-9-_]+)+(:[0-9]+)?/[a-zA-Z0-9-_./]+\.git(/)?$`) gitBranchRe = regexp.MustCompile("^[a-zA-Z0-9-_/.]{2,200}$") - gitHashRe = regexp.MustCompile("^[a-f0-9]+$") + gitHashRe = regexp.MustCompile("^[a-f0-9]{8,40}$") releaseTagRe = regexp.MustCompile(`^v([0-9]+).([0-9]+)(?:\.([0-9]+))?$`) ccRes = []*regexp.Regexp{ regexp.MustCompile(`^Reviewed\-.*: (.*)$`), -- cgit mrf-deployment