From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 4/5] log: handle integer overflow in timestamps
Date: Mon, 24 Feb 2014 11:50:00 -0800 [thread overview]
Message-ID: <xmqqsir88f4n.fsf@gitster.dls.corp.google.com> (raw)
In-Reply-To: <20140224074637.GD9969@sigill.intra.peff.net> (Jeff King's message of "Mon, 24 Feb 2014 02:46:37 -0500")
Jeff King <peff@peff.net> writes:
> If an ident line has a ridiculous date value like (2^64)+1,
> we currently just pass ULONG_MAX along to the date code,
> which can produce nonsensical dates.
>
> On systems with a signed long time_t (e.g., 64-bit glibc
> systems), this actually doesn't end up too bad. The
> ULONG_MAX is converted to -1, we apply the timezone field to
> that, and the result ends up somewhere between Dec 31, 1969
> and Jan 1, 1970.
> ...
> We also recognize overflow in the timezone field, which
> could produce nonsensical results. In this case we show the
> parsed date, but in UTC.
Both are good measures to fallback to sanity, but why is that
if/else? In other words...
> + if (date_overflows(date))
> + date = 0;
> + else {
> + if (ident->tz_begin && ident->tz_end)
> + tz = strtol(ident->tz_begin, NULL, 10);
> + if (tz == LONG_MAX || tz == LONG_MIN)
> + tz = 0;
> + }
... don't we want to fix an input having a bogus timestamp and also
a bogus tz recorded in it?
> return show_date(date, tz, mode);
> }
>
> diff --git a/t/t4212-log-corrupt.sh b/t/t4212-log-corrupt.sh
> index 83de981..ba25a2e 100755
> --- a/t/t4212-log-corrupt.sh
> +++ b/t/t4212-log-corrupt.sh
> @@ -65,4 +65,20 @@ test_expect_success 'unparsable dates produce sentinel value (%ad)' '
> test_cmp expect actual
> '
>
> +# date is 2^64 + 1
> +test_expect_success 'date parser recognizes integer overflow' '
> + commit=$(munge_author_date HEAD 18446744073709551617) &&
> + echo "Thu Jan 1 00:00:00 1970 +0000" >expect &&
> + git log -1 --format=%ad $commit >actual &&
> + test_cmp expect actual
> +'
> +
> +# date is 2^64 - 2
> +test_expect_success 'date parser recognizes time_t overflow' '
> + commit=$(munge_author_date HEAD 18446744073709551614) &&
> + echo "Thu Jan 1 00:00:00 1970 +0000" >expect &&
> + git log -1 --format=%ad $commit >actual &&
> + test_cmp expect actual
> +'
> +
> test_done
next prev parent reply other threads:[~2014-02-24 19:50 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-24 7:33 [PATCH 0/5] handle bogus commit dates Jeff King
2014-02-24 7:36 ` [PATCH 1/5] t4212: test bogus timestamps with git-log Jeff King
2014-02-24 7:39 ` [PATCH 2/5] fsck: report integer overflow in author timestamps Jeff King
2014-02-24 7:39 ` [PATCH 3/5] date: check date overflow against time_t Jeff King
2014-02-24 7:46 ` [PATCH 4/5] log: handle integer overflow in timestamps Jeff King
2014-02-24 19:50 ` Junio C Hamano [this message]
2014-02-24 19:58 ` Jeff King
2014-02-24 20:21 ` Junio C Hamano
2014-02-24 20:37 ` Jeff King
2014-02-24 21:01 ` Junio C Hamano
2014-02-24 7:49 ` [PATCH 5/5] log: do not segfault on gmtime errors Jeff King
2014-03-22 9:32 ` René Scharfe
2014-03-24 21:33 ` Jeff King
2014-03-24 22:03 ` René Scharfe
2014-03-24 22:11 ` Jeff King
2014-03-26 11:05 ` Charles Bailey
2014-03-26 18:21 ` Jeff King
2014-03-26 18:51 ` [PATCH] t4212: handle systems with post-apocalyptic gmtime Jeff King
2014-03-26 19:18 ` Junio C Hamano
2014-03-26 19:25 ` Jeff King
2014-03-26 19:33 ` Jeff King
2014-03-26 19:40 ` Jeff King
2014-03-26 20:36 ` Charles Bailey
2014-03-26 20:38 ` Jeff King
2014-03-26 20:41 ` Charles Bailey
2014-03-26 21:22 ` Charles Bailey
2014-03-26 21:57 ` Jeff King
2014-03-26 22:46 ` Charles Bailey
2014-03-27 22:48 ` Jeff King
2014-03-28 16:41 ` Junio C Hamano
2014-03-28 18:47 ` Jeff King
2014-03-28 19:02 ` Junio C Hamano
2014-03-28 19:05 ` Jeff King
2014-03-28 19:30 ` Junio C Hamano
2014-04-01 7:38 ` Jeff King
2014-04-01 7:42 ` [PATCH 1/2] date: recognize bogus FreeBSD gmtime output Jeff King
2014-04-01 17:42 ` René Scharfe
2014-04-01 19:08 ` Junio C Hamano
2014-04-01 21:17 ` René Scharfe
2014-04-01 21:28 ` Jeff King
2014-04-01 7:43 ` [PATCH 2/2] t4212: loosen far-in-future test for AIX Jeff King
2014-04-01 7:45 ` [PATCH 2alt/2] work around unreliable gmtime errors on AIX Jeff King
2014-04-01 19:07 ` [PATCH] t4212: handle systems with post-apocalyptic gmtime Junio C Hamano
2014-04-01 19:46 ` Jeff King
2014-03-26 18:58 ` [PATCH 5/5] log: do not segfault on gmtime errors Junio C Hamano
2014-03-26 19:01 ` Jeff King
2014-03-26 21:01 ` Junio C Hamano
2014-03-26 21:09 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqsir88f4n.fsf@gitster.dls.corp.google.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.