diff options
| author | nulltoken <emeric.fermas@gmail.com> | 2012-07-06 12:47:14 +0200 |
|---|---|---|
| committer | nulltoken <emeric.fermas@gmail.com> | 2012-07-07 12:16:10 +0200 |
| commit | 6a5136e5389034b696c9cd0292a760e78e975fd8 (patch) | |
| tree | 478cfe68e0b1cd4b6bc5924528c5342fff2ea79f /src/revparse.c | |
| parent | 29f72aa63844967cfd56d2edce804af243ef3ddd (diff) | |
| download | libgit2-6a5136e5389034b696c9cd0292a760e78e975fd8.tar.gz | |
revparse: only allow decimal reflog ordinal specs
passing 0 to git_strol(32|64) let the implementation guess if it's
dealing with an octal number or a decimal one.
Let's make it safe and ensure that both 'HEAD@{010}' and 'HEAD@{10}'
point at the same commit.
Diffstat (limited to 'src/revparse.c')
| -rw-r--r-- | src/revparse.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/revparse.c b/src/revparse.c index 3b9b2c903..af0b055be 100644 --- a/src/revparse.c +++ b/src/revparse.c @@ -167,7 +167,7 @@ static int walk_ref_history(git_object **out, git_repository *repo, const char * if (refspeclen > 0) return revspec_error(reflogspec); - if (git__strtol32(&n, reflogspec+3, NULL, 0) < 0 || n < 1) + if (git__strtol32(&n, reflogspec+3, NULL, 10) < 0 || n < 1) return revspec_error(reflogspec); if (!git_reference_lookup(&ref, repo, "HEAD")) { @@ -233,7 +233,7 @@ static int walk_ref_history(git_object **out, git_repository *repo, const char * /* @{N} -> Nth prior value for the ref (from reflog) */ else if (all_chars_are_digits(reflogspec+2, reflogspeclen-3) && - !git__strtol32(&n, reflogspec+2, NULL, 0) && + !git__strtol32(&n, reflogspec+2, NULL, 10) && n <= 100000000) { /* Allow integer time */ normalize_maybe_empty_refname(&buf, repo, refspec, refspeclen); |