diff options
| -rw-r--r-- | fsck.c | 12 | ||||
| -rwxr-xr-x | t/t1450-fsck.sh | 14 |
2 files changed, 20 insertions, 6 deletions
@@ -245,6 +245,8 @@ static int fsck_tree(struct tree *item, int strict, fsck_error error_func) static int fsck_ident(char **ident, struct object *obj, fsck_error error_func) { + char *end; + if (**ident == '<') return error_func(obj, FSCK_ERROR, "invalid author/committer line - missing space before email"); *ident += strcspn(*ident, "<>\n"); @@ -264,10 +266,11 @@ static int fsck_ident(char **ident, struct object *obj, fsck_error error_func) (*ident)++; if (**ident == '0' && (*ident)[1] != ' ') return error_func(obj, FSCK_ERROR, "invalid author/committer line - zero-padded date"); - *ident += strspn(*ident, "0123456789"); - if (**ident != ' ') + if (strtoul(*ident, &end, 10) == ULONG_MAX) + return error_func(obj, FSCK_ERROR, "invalid author/committer line - date causes integer overflow"); + if (end == *ident || *end != ' ') return error_func(obj, FSCK_ERROR, "invalid author/committer line - bad date"); - (*ident)++; + *ident = end + 1; if ((**ident != '+' && **ident != '-') || !isdigit((*ident)[1]) || !isdigit((*ident)[2]) || @@ -287,9 +290,6 @@ static int fsck_commit(struct commit *commit, fsck_error error_func) int parents = 0; int err; - if (commit->date == ULONG_MAX) - return error_func(&commit->object, FSCK_ERROR, "invalid author/committer line"); - if (memcmp(buffer, "tree ", 5)) return error_func(&commit->object, FSCK_ERROR, "invalid format - expected 'tree' line"); if (get_sha1_hex(buffer+5, tree_sha1) || buffer[45] != '\n') diff --git a/t/t1450-fsck.sh b/t/t1450-fsck.sh index d730734fde..8c739c9613 100755 --- a/t/t1450-fsck.sh +++ b/t/t1450-fsck.sh @@ -142,6 +142,20 @@ test_expect_success '> in name is reported' ' grep "error in commit $new" out ' +# date is 2^64 + 1 +test_expect_success 'integer overflow in timestamps is reported' ' + git cat-file commit HEAD >basis && + sed "s/^\\(author .*>\\) [0-9]*/\\1 18446744073709551617/" \ + <basis >bad-timestamp && + new=$(git hash-object -t commit -w --stdin <bad-timestamp) && + test_when_finished "remove_object $new" && + git update-ref refs/heads/bogus "$new" && + test_when_finished "git update-ref -d refs/heads/bogus" && + git fsck 2>out && + cat out && + grep "error in commit $new.*integer overflow" out +' + test_expect_success 'tag pointing to nonexistent' ' cat >invalid-tag <<-\EOF && object ffffffffffffffffffffffffffffffffffffffff |