diff options
| author | Jeff King <peff@peff.net> | 2014-03-07 12:15:01 -0500 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2014-03-07 11:53:29 -0800 |
| commit | 3f419d45ef0dfc33dc301d9ae4737043c091291a (patch) | |
| tree | e72175e8040f851f4e567ad6db3965ce24c13ece /pretty.c | |
| parent | 2b15846dbfb31df10a69a4d56ae944a01563bc07 (diff) | |
| download | git-3f419d45ef0dfc33dc301d9ae4737043c091291a.tar.gz | |
show_ident_date: fix tz range check
Commit 1dca155fe3fa (log: handle integer overflow in
timestamps, 2014-02-24) tried to catch integer overflow
coming from strtol() on the timezone field by comparing against
LONG_MIN/LONG_MAX. However, the intermediate "tz" variable
is an "int", which means it can never be LONG_MAX on LP64
systems; we would truncate the output from strtol before the
comparison.
Clang's -Wtautological-constant-out-of-range-compare notices
this and rightly complains.
Let's instead store the result of strtol in a long, and then
compare it against INT_MIN/INT_MAX. This will catch overflow
from strtol, and also overflow when we pass the result as an
int to show_date.
Reported-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'pretty.c')
| -rw-r--r-- | pretty.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -397,7 +397,7 @@ static const char *show_ident_date(const struct ident_split *ident, enum date_mode mode) { unsigned long date = 0; - int tz = 0; + long tz = 0; if (ident->date_begin && ident->date_end) date = strtoul(ident->date_begin, NULL, 10); @@ -406,7 +406,7 @@ static const char *show_ident_date(const struct ident_split *ident, else { if (ident->tz_begin && ident->tz_end) tz = strtol(ident->tz_begin, NULL, 10); - if (tz == LONG_MAX || tz == LONG_MIN) + if (tz >= INT_MAX || tz <= INT_MIN) tz = 0; } return show_date(date, tz, mode); |