Merge branch 'maint'

* maint: fast-import.c::validate_raw_date(): really validate the value
author: Junio C Hamano <gitster@pobox.com> 2009-10-07 21:32:39 -0700
committer: Junio C Hamano <gitster@pobox.com> 2009-10-07 21:32:39 -0700
commit: f539cfbe8c157885197d1b6e4c1bcc6cbc54d0b9 (patch)
tree: df6f9640ab4509ec71b8a8b8df3e1fdc23ae17cd
parent: f73b3af3f047bcc503e8860c2075052309627e60 (diff)
parent: 1cd749cc0722533bd1849f491ec9ab19e17232e1 (diff)
download: git-f539cfbe8c157885197d1b6e4c1bcc6cbc54d0b9.tar.gz
1 files changed, 6 insertions, 3 deletions
diff --git a/fast-import.c b/fast-import.c
index 7ef9865aa6..6faaaacb68 100644
--- a/fast-import.c
+++ b/fast-import.c
@@ -1744,10 +1744,12 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
 {
 	const char *orig_src = src;
 	char *endp;
+	unsigned long num;
 
 	errno = 0;
 
-	strtoul(src, &endp, 10);
+	num = strtoul(src, &endp, 10);
+	/* NEEDSWORK: perhaps check for reasonable values? */
 	if (errno || endp == src || *endp != ' ')
 		return -1;
 
@@ -1755,8 +1757,9 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
 	if (*src != '-' && *src != '+')
 		return -1;
 
-	strtoul(src + 1, &endp, 10);
-	if (errno || endp == src || *endp || (endp - orig_src) >= maxlen)
+	num = strtoul(src + 1, &endp, 10);
+	if (errno || endp == src + 1 || *endp || (endp - orig_src) >= maxlen ||
+	    1400 < num)
 		return -1;
 
 	strcpy(result, orig_src);
author	Junio C Hamano <gitster@pobox.com>	2009-10-07 21:32:39 -0700
committer	Junio C Hamano <gitster@pobox.com>	2009-10-07 21:32:39 -0700
commit	f539cfbe8c157885197d1b6e4c1bcc6cbc54d0b9 (patch)
tree	df6f9640ab4509ec71b8a8b8df3e1fdc23ae17cd
parent	f73b3af3f047bcc503e8860c2075052309627e60 (diff)
parent	1cd749cc0722533bd1849f491ec9ab19e17232e1 (diff)
download	git-f539cfbe8c157885197d1b6e4c1bcc6cbc54d0b9.tar.gz