date: check date overflow against time_t

When we check whether a timestamp has overflowed, we check only against ULONG_MAX, meaning that strtoul has overflowed. However, we also feed these timestamps to system functions like gmtime, which expect a time_t. On many systems, time_t is actually smaller than "unsigned long" (e.g., because it is signed), and we would overflow when using these functions. We don't know the actual size or signedness of time_t, but we can easily check for truncation with a simple assignment. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Jeff King <peff@peff.net> 2014-02-24 02:39:45 -0500
committer: Junio C Hamano <gitster@pobox.com> 2014-02-24 10:12:58 -0800
commit: 7ca36d9398a85e7974d04f8fbd2c6adb088290e1 (patch)
tree: e3ef065ab5fee09448ad78239edefb09c9ca927a /fsck.c
parent: d4b8de0420ffcc7a654ddc6c69a96d3c1b25b4fa (diff)
download: git-7ca36d9398a85e7974d04f8fbd2c6adb088290e1.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/fsck.c b/fsck.c
index 760e072cce..64bf279fd7 100644
--- a/fsck.c
+++ b/fsck.c
@@ -266,7 +266,7 @@ static int fsck_ident(char **ident, struct object *obj, fsck_error error_func)
 	(*ident)++;
 	if (**ident == '0' && (*ident)[1] != ' ')
 		return error_func(obj, FSCK_ERROR, "invalid author/committer line - zero-padded date");
-	if (strtoul(*ident, &end, 10) == ULONG_MAX)
+	if (date_overflows(strtoul(*ident, &end, 10)))
 		return error_func(obj, FSCK_ERROR, "invalid author/committer line - date causes integer overflow");
 	if (end == *ident || *end != ' ')
 		return error_func(obj, FSCK_ERROR, "invalid author/committer line - bad date");
author	Jeff King <peff@peff.net>	2014-02-24 02:39:45 -0500
committer	Junio C Hamano <gitster@pobox.com>	2014-02-24 10:12:58 -0800
commit	7ca36d9398a85e7974d04f8fbd2c6adb088290e1 (patch)
tree	e3ef065ab5fee09448ad78239edefb09c9ca927a /fsck.c
parent	d4b8de0420ffcc7a654ddc6c69a96d3c1b25b4fa (diff)
download	git-7ca36d9398a85e7974d04f8fbd2c6adb088290e1.tar.gz