From: Mohit Marathe <mohitmarathe23@xxxxxxxxx> The change is made to improve the error-handling capabilities during the conversion of string to integers. The `strtoi_with_tail` function offers a more robust mechanism for converting strings to integers by providing enhanced error detection. Unlike `atoi`, `strtoi_with_tail` allows the code to differentiate between a valid conversion and an invalid one, offering better resilience against potential issues such as reading hunk header of a corrupted patch. Signed-off-by: Mohit Marathe <mohitmarathe@xxxxxxxxx>
---
 builtin/patch-id.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/builtin/patch-id.c b/builtin/patch-id.c
index 3894d2b9706..4e9a301e9fb 100644
--- a/builtin/patch-id.c
+++ b/builtin/patch-id.c
@@ -1,3 +1,4 @@
+#include "git-compat-util.h"
 #include "builtin.h"
 #include "config.h"
 #include "diff.h"
@@ -29,14 +30,16 @@ static int scan_hunk_header(const char *p, int *p_before, int *p_after)
 {
 static const char digits[] = "0123456789";
 const char *q, *r;
+ char *endp;
 int n;
 q = p + 4;
 n = strspn(q, digits);
 if (q[n] == ',') {
 q += n + 1;
- *p_before = atoi(q);
- n = strspn(q, digits);
+ if (strtoi_with_tail(q, 10, p_before, &endp) != 0)
+ return 0;
+ n = endp - q;
 } else {
 *p_before = 1;
 }
@@ -48,8 +51,9 @@ static int scan_hunk_header(const char *p, int *p_before, int *p_after)
 n = strspn(r, digits);
 if (r[n] == ',') {
 r += n + 1;
- *p_after = atoi(r);
- n = strspn(r, digits);
+ if (strtoi_with_tail(r, 10, p_after, &endp) != 0)
+ return 0;
+ n = endp - r;
 } else {
 *p_after = 1;
 }
-- gitgitgadget
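Review bot: The digits-only constraint on the line count is lost in the `if (q[n] == ',')` branch of the second hunk, because the old `n = strspn(q, digits)` measured only decimal digits while `n = endp - q` measures whatever `strtoi_with_tail` consumed. That helper is not shown on this page; if it wraps `strtol`, it would also accept leading whitespace and a `+`/`-` sign, so a constructed header such as `@@ -1,-5 +1,3 @@` in an untrusted patch could store a negative `*p_before` while leaving `n` non-zero. Requiring a digit before converting keeps the old strictness, e.g. `if (!isdigit(*q) || strtoi_with_tail(q, 10, p_before, &endp) != 0)`. The same applies to the `r` / `p_after` branch in the third hunk. The checks that consume `n` after each branch lie outside both hunks, so whether they would reject such input cannot be confirmed from here.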