From c3b202a1439f5612db8aad604211cfde5e2d5cc2 Mon Sep 17 00:00:00 2001
From: Mohit Marathe
Date: Tue, 16 Jan 2024 19:43:02 +0530
Subject: [PATCH] patch-id: replace `atoi()` with `strtol_i2()`

The change is made to improve the error-handling capabilities during the conversion of string representations to integers. The `strtol_i2(` function offers a more robust mechanism for converting strings to integers by providing enhanced error detection. Unlike `atoi(`, `strtol_i2(` allows the code to differentiate between a valid conversion and an invalid one, offering better resilience against potential issues such as reading hunk header of a corrupted patch.

Signed-off-by: Mohit Marathe
---
 builtin/patch-id.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/builtin/patch-id.c b/builtin/patch-id.c
index 3894d2b970612c..e513b6aed3f9d2 100644
--- a/builtin/patch-id.c
+++ b/builtin/patch-id.c
@@ -1,3 +1,4 @@
+#include "git-compat-util.h"
 #include "builtin.h"
 #include "config.h"
 #include "diff.h"
@@ -29,13 +30,15 @@ static int scan_hunk_header(const char *p, int *p_before, int *p_after)
 {
 static const char digits[] = "0123456789";
 const char *q, *r;
+ char *endp;
 int n;
 q = p + 4;
 n = strspn(q, digits);
 if (q[n] == ',') {
 q += n + 1;
- *p_before = atoi(q);
+ if (strtol_i_updated(q, 10, p_before, &endp) != 0)
+ return 0;
 n = strspn(q, digits);
 } else {
 *p_before = 1;
@@ -48,7 +51,8 @@ static int scan_hunk_header(const char *p, int *p_before, int *p_after)
 n = strspn(r, digits);
 if (r[n] == ',') {
 r += n + 1;
- *p_after = atoi(r);
+ if (strtol_i_updated(r, 10, p_after, &endp) != 0)
+ return 0;
 n = strspn(r, digits);
 } else {
 *p_after = 1;
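Review bot: `endp` is filled in by both new `strtol_i_updated()` calls (here and in the `*p_after` hunk) but never read in the visible lines, so the conversion and the following `n = strspn(q, digits)` can disagree about what was parsed: a strtol-style parser normally accepts leading whitespace and a sign, which the digit scan does not. Assuming the helper wraps strtol(), I would compute the digit run first and require the conversion to stop exactly there, `n = strspn(q, digits);` then `if (strtol_i_updated(q, 10, p_before, &endp) != 0 || endp != q + n) return 0;`, which also keeps a negative count from an untrusted patch out of `*p_before`. The helper is not defined in this patch and the commit message calls it `strtol_i2()`, so its name and return convention should be confirmed against the patch that introduces it. scan_hunk_header's body continues outside the hunk.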
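Review bot: The new `return 0` exit in this hunk can be reached after `*p_before` has already been updated and, presumably, before `*p_after` is written, and nothing in the visible lines documents that partial-output failure mode. I would add a comment above scan_hunk_header along the lines of `/* Returns 0 on a malformed hunk header; *p_before and *p_after are unspecified in that case. */`. The call site is outside this diff; if it ignores the return value, a corrupted header would still let stale counts reach the rest of the patch-id computation, so the caller is worth checking as part of this change. The function starts and ends outside the hunk.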