Merge branch 'pw/config-int-parse-fixes'
Assorted fixes of parsing end-user input as integers. * pw/config-int-parse-fixes: git_parse_signed(): avoid integer overflow config: require at least one digit when parsing numbers git_parse_unsigned: reject negative values
This commit is contained in:
Junio C Hamano
24
config.c
24
config.c
@ -1160,21 +1160,26 @@ static int git_parse_signed(const char *value, intmax_t *ret, intmax_t max)
|
||||
if (value && *value) {
|
||||
char *end;
|
||||
intmax_t val;
|
||||
uintmax_t uval;
|
||||
uintmax_t factor;
|
||||
intmax_t factor;
|
||||
|
||||
if (max < 0)
|
||||
BUG("max must be a positive integer");
|
||||
|
||||
errno = 0;
|
||||
val = strtoimax(value, &end, 0);
|
||||
if (errno == ERANGE)
|
||||
return 0;
|
||||
if (end == value) {
|
||||
errno = EINVAL;
|
||||
return 0;
|
||||
}
|
||||
factor = get_unit_factor(end);
|
||||
if (!factor) {
|
||||
errno = EINVAL;
|
||||
return 0;
|
||||
}
|
||||
uval = val < 0 ? -val : val;
|
||||
if (unsigned_mult_overflows(factor, uval) ||
|
||||
factor * uval > max) {
|
||||
if ((val < 0 && -max / factor > val) ||
|
||||
(val > 0 && max / factor < val)) {
|
||||
errno = ERANGE;
|
||||
return 0;
|
||||
}
|
||||
@ -1193,10 +1198,19 @@ static int git_parse_unsigned(const char *value, uintmax_t *ret, uintmax_t max)
|
||||
uintmax_t val;
|
||||
uintmax_t factor;
|
||||
|
||||
/* negative values would be accepted by strtoumax */
|
||||
if (strchr(value, '-')) {
|
||||
errno = EINVAL;
|
||||
return 0;
|
||||
}
|
||||
errno = 0;
|
||||
val = strtoumax(value, &end, 0);
|
||||
if (errno == ERANGE)
|
||||
return 0;
|
||||
if (end == value) {
|
||||
errno = EINVAL;
|
||||
return 0;
|
||||
}
|
||||
factor = get_unit_factor(end);
|
||||
if (!factor) {
|
||||
errno = EINVAL;
|
||||
|
||||
Reference in New Issue
Block a user