kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity

fast-import.c::validate_raw_date(): really validate the value 

When reading the "raw format" timestamp from the input stream, make sure
that the timezone offset is a reasonable value by imitating 7122f82
(date.c: improve guess between timezone offset and year., 2006-06-08).

We _might_ want to also check if the timestamp itself is reasonable, but
that is left for a separate commit.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
maint
Junio C Hamano 2009-09-28 23:40:09 -07:00
parent 04ce83e2b9
commit 1cd749cc07
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
fast-import.c
View File

@ -1744,10 +1744,12 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
{ {
const char *orig_src = src; const char *orig_src = src;
char *endp; char *endp;
unsigned long num;


errno = 0; errno = 0;


strtoul(src, &endp, 10); num = strtoul(src, &endp, 10);
/* NEEDSWORK: perhaps check for reasonable values? */
if (errno || endp == src || *endp != ' ') if (errno || endp == src || *endp != ' ')
return -1; return -1;


@ -1755,8 +1757,9 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
if (*src != '-' && *src != '+') if (*src != '-' && *src != '+')
return -1; return -1;


strtoul(src + 1, &endp, 10); num = strtoul(src + 1, &endp, 10);
if (errno || endp == src || *endp || (endp - orig_src) >= maxlen) if (errno || endp == src + 1 || *endp || (endp - orig_src) >= maxlen ||
1400 < num)
return -1; return -1;


strcpy(result, orig_src); strcpy(result, orig_src);