apply: detect overflow when parsing hunk header

"git apply" uses strtoul() to parse the numbers in the hunk header but
silently ignores overflows. As LONG_MAX is a legitimate return value for
strtoul() we need to set errno to zero before the call to strtoul() and
check that it is still zero afterwards. The error message we display is
not particularly helpful as it does not say what was wrong.  However, it
seems pretty unlikely that users are going to trigger this error in
practice and we can always improve it later if needed.

Signed-off-by: Phillip Wood <phillip.wood@dunelm.org.uk>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/apply.c b/apply.c
index 7608e3301ca0727dcfec0a579ed46390afa41ab0..e3b98b07314064fc0a4e805cf4cea1737f396fa4 100644 (file)
--- a/apply.c
+++ b/apply.c
@@ -1426,7 +1426,10 @@ static int parse_num(const char *line, unsigned long *p)
 
        if (!isdigit(*line))
                return 0;
+       errno = 0;
        *p = strtoul(line, &ptr, 10);
+       if (errno)
+               return 0;
        return ptr - line;
 }
 

diff --git a/t/t4100-apply-stat.sh b/t/t4100-apply-stat.sh
index d503547732c54d8f952027580dc21a6b65729cdb..fcbd593634d788eb34b78e9d9361c134a2a9012e 100755 (executable)
--- a/t/t4100-apply-stat.sh
+++ b/t/t4100-apply-stat.sh
@@ -39,4 +39,17 @@ incomplete (1)
 incomplete (2)
 EOF
 
+test_expect_success 'applying a hunk header which overflows fails' '
+       cat >patch <<-\EOF &&
+       diff -u a/file b/file
+       --- a/file
+       +++ b/file
+       @@ -98765432109876543210 +98765432109876543210 @@
+       -a
+       +b
+       EOF
+       test_must_fail git apply patch 2>err &&
+       echo "error: corrupt patch at line 4" >expect &&
+       test_cmp expect err
+'
 test_done