Skip to content
This repository was archived by the owner on Sep 11, 2020. It is now read-only.
This repository was archived by the owner on Sep 11, 2020. It is now read-only.

Message on signed tagged commits contains extra new line #1111

Closed
#1118
Closed
Message on signed tagged commits contains extra new line#1111
#1118
@filipnavara

Description

@filipnavara
filipnavara
opened on Apr 15, 2019

The following code reads one extra new line past the PGP signature block and appends it to Message:

go-git/plumbing/object/tag.go

Lines 140 to 159 in 8c3c8b3

for _, l := range messageAndSig {
if pgpsig {
if bytes.Contains(l, []byte(endpgp)) {
t.PGPSignature += endpgp + "\n"
pgpsig = false
} else {
t.PGPSignature += string(l) + "\n"
}
continue
}
// Check if it's the beginning of a PGP signature.
if bytes.Contains(l, []byte(beginpgp)) {
t.PGPSignature += beginpgp + "\n"
pgpsig = true
continue
}
t.Message += string(l) + "\n"
}

I am not sure what a proper fix is, but bailing out of the loop on this line instead of setting pgpsig = false seemed to correct the problem:

go-git/plumbing/object/tag.go

Line 144 in 8c3c8b3

pgpsig = false

We noticed this when trying to manually reconstruct the payload and verify the PGP signature.

Commit 8c3c8b3 seems to partially mask the problem.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions