Merge branch 'pw/apply-ulong-overflow-check'

gitster · gitster · commit 34736ff48e68 · 2025-02-10T10:18:30.000-08:00
"git apply" internally uses unsigned long for line numbers and uses
strtoul() to parse numbers on the hunk headers.  It however forgot
to check parse errors.

* pw/apply-ulong-overflow-check:
  apply: detect overflow when parsing hunk header
diff --git a/apply.c b/apply.c
@@ -1423,7 +1423,10 @@ static int parse_num(const char *line, unsigned long *p)
 
 	if (!isdigit(*line))
 		return 0;
+	errno = 0;
 	*p = strtoul(line, &ptr, 10);
+	if (errno)
+		return 0;
 	return ptr - line;
 }
 
diff --git a/t/t4100-apply-stat.sh b/t/t4100-apply-stat.sh
@@ -38,4 +38,17 @@ incomplete (1)
 incomplete (2)
 EOF
 
+test_expect_success 'applying a hunk header which overflows fails' '
+	cat >patch <<-\EOF &&
+	diff -u a/file b/file
+	--- a/file
+	+++ b/file
+	@@ -98765432109876543210 +98765432109876543210 @@
+	-a
+	+b
+	EOF
+	test_must_fail git apply patch 2>err &&
+	echo "error: corrupt patch at line 4" >expect &&
+	test_cmp expect err
+'
 test_done

Original file line number	Diff line number	Diff line change
`@@ -1423,7 +1423,10 @@ static int parse_num(const char line, unsigned long p)`
`1423`	`1423`
`1424`	`1424`	`if (!isdigit(*line))`
`1425`	`1425`	`return 0;`
	`1426`	`+ errno = 0;`
`1426`	`1427`	`*p = strtoul(line, &ptr, 10);`
	`1428`	`+ if (errno)`
	`1429`	`+ return 0;`
`1427`	`1430`	`return ptr - line;`
`1428`	`1431`	`}`
`1429`	`1432`