From 61d6ed139ff572937c8ff342cfa16e40d2f9011e Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Tue, 10 Apr 2007 01:01:44 +0200 Subject: sscanf/strtoul: parse integers robustly * builtin-grep.c (strtoul_ui): Move function definition from here, to... * git-compat-util.h (strtoul_ui): ...here, with an added "base" parameter. * builtin-grep.c (cmd_grep): Update use of strtoul_ui to include base, "10". * builtin-update-index.c (read_index_info): Diagnose an invalid mode integer that is out of range or merely larger than INT_MAX. (cmd_update_index): Use strtoul_ui, not sscanf. * convert-objects.c (write_subdirectory): Likewise. Signed-off-by: Jim Meyering Signed-off-by: Junio C Hamano --- builtin-update-index.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'builtin-update-index.c') diff --git a/builtin-update-index.c b/builtin-update-index.c index 71cef633c0..6ed61ebc57 100644 --- a/builtin-update-index.c +++ b/builtin-update-index.c @@ -227,6 +227,7 @@ static void read_index_info(int line_termination) char *path_name; unsigned char sha1[20]; unsigned int mode; + unsigned long ul; int stage; /* This reads lines formatted in one of three formats: @@ -249,9 +250,12 @@ static void read_index_info(int line_termination) if (buf.eof) break; - mode = strtoul(buf.buf, &ptr, 8); - if (ptr == buf.buf || *ptr != ' ') + errno = 0; + ul = strtoul(buf.buf, &ptr, 8); + if (ptr == buf.buf || *ptr != ' ' + || errno || (unsigned int) ul != ul) goto bad_line; + mode = ul; tab = strchr(ptr, '\t'); if (!tab || tab - ptr < 41) @@ -547,7 +551,7 @@ int cmd_update_index(int argc, const char **argv, const char *prefix) if (i+3 >= argc) die("git-update-index: --cacheinfo "); - if ((sscanf(argv[i+1], "%o", &mode) != 1) || + if ((strtoul_ui(argv[i+1], 8, &mode) != 1) || get_sha1_hex(argv[i+2], sha1) || add_cacheinfo(mode, sha1, argv[i+3], 0)) die("git-update-index: --cacheinfo" -- cgit v1.2.1