* sscanf/strtoul: parse integers robustly
@ 2007-04-09 23:01 Jim Meyering
2007-04-11 7:55 ` Junio C Hamano
2007-04-19 2:08 ` [PATCH] fix up strtoul_ui error handling Andy Whitcroft
0 siblings, 2 replies; 5+ messages in thread
From: Jim Meyering @ 2007-04-09 23:01 UTC (permalink / raw)
To: git
* builtin-grep.c (strtoul_ui): Move function definition from here, to...
* git-compat-util.h (strtoul_ui): ...here, with an added "base" parameter.
* builtin-grep.c (cmd_grep): Update use of strtoul_ui to include base, "10".
* builtin-update-index.c (read_index_info): Diagnose an invalid mode integer
that is out of range or merely larger than INT_MAX.
(cmd_update_index): Use strtoul_ui, not sscanf.
* convert-objects.c (write_subdirectory): Likewise.
Signed-off-by: Jim Meyering <jim@meyering.net>
---
builtin-grep.c | 15 +--------------
builtin-update-index.c | 10 +++++++---
convert-objects.c | 2 +-
git-compat-util.h | 13 +++++++++++++
4 files changed, 22 insertions(+), 18 deletions(-)
diff --git a/builtin-grep.c b/builtin-grep.c
index 981f3d4..e13cb31 100644
--- a/builtin-grep.c
+++ b/builtin-grep.c
@@ -434,19 +434,6 @@ static const char emsg_missing_context_len[] =
static const char emsg_missing_argument[] =
"option requires an argument -%s";
-static int strtoul_ui(char const *s, unsigned int *result)
-{
- unsigned long ul;
- char *p;
-
- errno = 0;
- ul = strtoul(s, &p, 10);
- if (errno || *p || p == s || (unsigned int) ul != ul)
- return -1;
- *result = ul;
- return 0;
-}
-
int cmd_grep(int argc, const char **argv, const char *prefix)
{
int hit = 0;
@@ -569,7 +556,7 @@ int cmd_grep(int argc, const char **argv, const char *prefix)
scan = arg + 1;
break;
}
- if (strtoul_ui(scan, &num))
+ if (strtoul_ui(scan, 10, &num))
die(emsg_invalid_context_len, scan);
switch (arg[1]) {
case 'A':
diff --git a/builtin-update-index.c b/builtin-update-index.c
index 47d42ed..b3d4ace 100644
--- a/builtin-update-index.c
+++ b/builtin-update-index.c
@@ -227,6 +227,7 @@ static void read_index_info(int line_termination)
char *path_name;
unsigned char sha1[20];
unsigned int mode;
+ unsigned long ul;
int stage;
/* This reads lines formatted in one of three formats:
@@ -249,9 +250,12 @@ static void read_index_info(int line_termination)
if (buf.eof)
break;
- mode = strtoul(buf.buf, &ptr, 8);
- if (ptr == buf.buf || *ptr != ' ')
+ errno = 0;
+ ul = strtoul(buf.buf, &ptr, 8);
+ if (ptr == buf.buf || *ptr != ' '
+ || errno || (unsigned int) ul != ul)
goto bad_line;
+ mode = ul;
tab = strchr(ptr, '\t');
if (!tab || tab - ptr < 41)
@@ -547,7 +551,7 @@ int cmd_update_index(int argc, const char **argv, const char *prefix)
if (i+3 >= argc)
die("git-update-index: --cacheinfo <mode> <sha1> <path>");
- if ((sscanf(argv[i+1], "%o", &mode) != 1) ||
+ if ((strtoul_ui(argv[i+1], 8, &mode) != 1) ||
get_sha1_hex(argv[i+2], sha1) ||
add_cacheinfo(mode, sha1, argv[i+3], 0))
die("git-update-index: --cacheinfo"
diff --git a/convert-objects.c b/convert-objects.c
index 4809f91..cf03bcf 100644
--- a/convert-objects.c
+++ b/convert-objects.c
@@ -88,7 +88,7 @@ static int write_subdirectory(void *buffer, unsigned long size, const char *base
unsigned int mode;
char *slash, *origpath;
- if (!path || sscanf(buffer, "%o", &mode) != 1)
+ if (!path || strtoul_ui(buffer, 8, &mode) != 1)
die("bad tree conversion");
mode = convert_mode(mode);
path++;
diff --git a/git-compat-util.h b/git-compat-util.h
index 139fc19..5f6a281 100644
--- a/git-compat-util.h
+++ b/git-compat-util.h
@@ -301,4 +301,17 @@ static inline int prefixcmp(const char *str, const char *prefix)
return strncmp(str, prefix, strlen(prefix));
}
+static inline int strtoul_ui(char const *s, int base, unsigned int *result)
+{
+ unsigned long ul;
+ char *p;
+
+ errno = 0;
+ ul = strtoul(s, &p, base);
+ if (errno || *p || p == s || (unsigned int) ul != ul)
+ return -1;
+ *result = ul;
+ return 0;
+}
+
#endif
--
1.5.1.rc3-dirty
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: sscanf/strtoul: parse integers robustly
2007-04-09 23:01 sscanf/strtoul: parse integers robustly Jim Meyering
@ 2007-04-11 7:55 ` Junio C Hamano
2007-04-11 13:52 ` Jim Meyering
2007-04-19 2:08 ` [PATCH] fix up strtoul_ui error handling Andy Whitcroft
1 sibling, 1 reply; 5+ messages in thread
From: Junio C Hamano @ 2007-04-11 7:55 UTC (permalink / raw)
To: Jim Meyering; +Cc: git
Jim Meyering <jim@meyering.net> writes:
> diff --git a/git-compat-util.h b/git-compat-util.h
> index 139fc19..5f6a281 100644
> --- a/git-compat-util.h
> +++ b/git-compat-util.h
> @@ -301,4 +301,17 @@ static inline int prefixcmp(const char *str, const char *prefix)
> return strncmp(str, prefix, strlen(prefix));
> }
>
> +static inline int strtoul_ui(char const *s, int base, unsigned int *result)
> +{
> + unsigned long ul;
> + char *p;
> +
> + errno = 0;
> + ul = strtoul(s, &p, base);
> + if (errno || *p || p == s || (unsigned int) ul != ul)
> + return -1;
> + *result = ul;
> + return 0;
> +}
> +
> #endif
War on sscanf is fine, but I wonder if this is small enough to
be a good candidate for inlining.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: sscanf/strtoul: parse integers robustly
2007-04-11 7:55 ` Junio C Hamano
@ 2007-04-11 13:52 ` Jim Meyering
0 siblings, 0 replies; 5+ messages in thread
From: Jim Meyering @ 2007-04-11 13:52 UTC (permalink / raw)
To: Junio C Hamano; +Cc: git
Junio C Hamano <junkio@cox.net> wrote:
> Jim Meyering <jim@meyering.net> writes:
>
>> diff --git a/git-compat-util.h b/git-compat-util.h
>> index 139fc19..5f6a281 100644
>> --- a/git-compat-util.h
>> +++ b/git-compat-util.h
>> @@ -301,4 +301,17 @@ static inline int prefixcmp(const char *str, const char *prefix)
>> return strncmp(str, prefix, strlen(prefix));
>> }
>>
>> +static inline int strtoul_ui(char const *s, int base, unsigned int *result)
>> +{
>> + unsigned long ul;
>> + char *p;
>> +
>> + errno = 0;
>> + ul = strtoul(s, &p, base);
>> + if (errno || *p || p == s || (unsigned int) ul != ul)
>> + return -1;
>> + *result = ul;
>> + return 0;
>> +}
>> +
>> #endif
>
> War on sscanf is fine, but I wonder if this is small enough to
> be a good candidate for inlining.
I don't care if it is actually inlined.
I used "inline" because this function seems small enough that
duplicating its code won't hurt, and because then I didn't need
to bother with a separate prototype. On the size front, it looks
no larger than most of the other inline functions in that file.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH] fix up strtoul_ui error handling
2007-04-09 23:01 sscanf/strtoul: parse integers robustly Jim Meyering
2007-04-11 7:55 ` Junio C Hamano
@ 2007-04-19 2:08 ` Andy Whitcroft
2007-04-19 2:26 ` Junio C Hamano
1 sibling, 1 reply; 5+ messages in thread
From: Andy Whitcroft @ 2007-04-19 2:08 UTC (permalink / raw)
To: git
Two scanf() calls were converted to strtoul_ui() but the return
values were not updated to match. scanf() returns the number of
matched "values" which for this usage is 1 on success. strtoul_ui()
return 0 on success. Update these call sites to match.
Signed-off-by: Andy Whitcroft <apw@shadowen.org>
---
Without this patch svnimport fails to add files as
update-index --cacheinfo fails.
---
diff --git a/builtin-update-index.c b/builtin-update-index.c
index 9205c9f..8f98991 100644
--- a/builtin-update-index.c
+++ b/builtin-update-index.c
@@ -627,7 +627,7 @@ int cmd_update_index(int argc, const char **argv, const char *prefix)
if (i+3 >= argc)
die("git-update-index: --cacheinfo <mode> <sha1> <path>");
- if ((strtoul_ui(argv[i+1], 8, &mode) != 1) ||
+ if (strtoul_ui(argv[i+1], 8, &mode) ||
get_sha1_hex(argv[i+2], sha1) ||
add_cacheinfo(mode, sha1, argv[i+3], 0))
die("git-update-index: --cacheinfo"
diff --git a/convert-objects.c b/convert-objects.c
index cf03bcf..cefbceb 100644
--- a/convert-objects.c
+++ b/convert-objects.c
@@ -88,7 +88,7 @@ static int write_subdirectory(void *buffer, unsigned long size, const char *base
unsigned int mode;
char *slash, *origpath;
- if (!path || strtoul_ui(buffer, 8, &mode) != 1)
+ if (!path || strtoul_ui(buffer, 8, &mode))
die("bad tree conversion");
mode = convert_mode(mode);
path++;
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] fix up strtoul_ui error handling
2007-04-19 2:08 ` [PATCH] fix up strtoul_ui error handling Andy Whitcroft
@ 2007-04-19 2:26 ` Junio C Hamano
0 siblings, 0 replies; 5+ messages in thread
From: Junio C Hamano @ 2007-04-19 2:26 UTC (permalink / raw)
To: Andy Whitcroft; +Cc: git
Thanks.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-04-19 2:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-04-09 23:01 sscanf/strtoul: parse integers robustly Jim Meyering
2007-04-11 7:55 ` Junio C Hamano
2007-04-11 13:52 ` Jim Meyering
2007-04-19 2:08 ` [PATCH] fix up strtoul_ui error handling Andy Whitcroft
2007-04-19 2:26 ` Junio C Hamano
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.