diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2018-03-19 17:49:22 +0100 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2018-03-19 10:53:17 -0700 |
| commit | 9ee0540a40988cf56611a341232dcb5bed6d1f06 (patch) | |
| tree | 6cd4f3e97d01fe62ec52b7c5ce580eb13d8f52b8 /compat | |
| parent | 38e79b1fdab9244e1727d0698afcf3bb8956c0a4 (diff) | |
| download | git-9ee0540a40988cf56611a341232dcb5bed6d1f06.tar.gz | |
mingw: abort on invalid strftime formatsjs/ming-strftime
On Windows, strftime() does not silently ignore invalid formats, but
warns about them and then returns 0 and sets errno to EINVAL.
Unfortunately, Git does not expect such a behavior, as it disagrees
with strftime()'s semantics on Linux. As a consequence, Git
misinterprets the return value 0 as "I need more space" and grows the
buffer. As the larger buffer does not fix the format, the buffer grows
and grows and grows until we are out of memory and abort.
Ideally, we would switch off the parameter validation just for
strftime(), but we cannot even override the invalid parameter handler
via _set_thread_local_invalid_parameter_handler() using MINGW because
that function is not declared. Even _set_invalid_parameter_handler(),
which *is* declared, does not help, as it simply does... nothing.
So let's just bite the bullet and override strftime() for MINGW and
abort on an invalid format string. While this does not provide the
best user experience, it is the best we can do.
See https://msdn.microsoft.com/en-us/library/fe06s4ak.aspx for more
details.
This fixes https://github.com/git-for-windows/git/issues/863
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'compat')
| -rw-r--r-- | compat/mingw.c | 11 | ||||
| -rw-r--r-- | compat/mingw.h | 3 |
2 files changed, 14 insertions, 0 deletions
diff --git a/compat/mingw.c b/compat/mingw.c index 2d44d21aca..a67872babf 100644 --- a/compat/mingw.c +++ b/compat/mingw.c @@ -761,6 +761,17 @@ revert_attrs: return rc; } +#undef strftime +size_t mingw_strftime(char *s, size_t max, + const char *format, const struct tm *tm) +{ + size_t ret = strftime(s, max, format, tm); + + if (!ret && errno == EINVAL) + die("invalid strftime format: '%s'", format); + return ret; +} + unsigned int sleep (unsigned int seconds) { Sleep(seconds*1000); diff --git a/compat/mingw.h b/compat/mingw.h index e03aecfe2e..571019d0bd 100644 --- a/compat/mingw.h +++ b/compat/mingw.h @@ -361,6 +361,9 @@ int mingw_fstat(int fd, struct stat *buf); int mingw_utime(const char *file_name, const struct utimbuf *times); #define utime mingw_utime +size_t mingw_strftime(char *s, size_t max, + const char *format, const struct tm *tm); +#define strftime mingw_strftime pid_t mingw_spawnvpe(const char *cmd, const char **argv, char **env, const char *dir, |