public inbox for git@vger.kernel.org
 help / color / mirror / Atom feed
From: Mirko Faina <mroik@delayed.space>
To: git@vger.kernel.org
Cc: Mirko Faina <mroik@delayed.space>, Jeff King <peff@peff.net>,
	Junio C Hamano <gitster@pobox.com>,
	Tian Yuchen <a3205153416@gmail.com>
Subject: [PATCH] apply.c: fix -p argument parsing
Date: Mon, 16 Mar 2026 01:51:16 +0100	[thread overview]
Message-ID: <20260316005120.7079-1-mroik@delayed.space> (raw)
In-Reply-To: <20260313031950.1695103-1-mroik@delayed.space>

"git apply" has an option -p that takes an integer as its argument.
Unfortunately the function apply_option_parse_p() in charge of parsing
this argument uses atoi() to convert from string to integer, which
allows a non-digit after the number (e.g. "1q") to be silently ignored.
As a consequence, an argument that does not begin with a digit silently
becomes a zero. Despite this command working fine when a non-positive
argument is passed, it might be useful for the end user to know that
their input contains non-digits that might've been unintended.

Replace atoi() with strtol_i() to catch malformed inputs.

Signed-off-by: Mirko Faina <mroik@delayed.space>
---
Sending a new version 'cause Tian pointed out that the die message is
not explicit enough, and a user might not understand which option we're
referring to if there are multiple.

 apply.c               |  3 ++-
 t/t4120-apply-popt.sh | 41 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/apply.c b/apply.c
index b6dd1066a0..52cd590bdb 100644
--- a/apply.c
+++ b/apply.c
@@ -4981,7 +4981,8 @@ static int apply_option_parse_p(const struct option *opt,
 
 	BUG_ON_OPT_NEG(unset);
 
-	state->p_value = atoi(arg);
+	if (strtol_i(arg, 10, &state->p_value) < 0 || state->p_value < 0)
+		die(_("option -p expects a non-negative integer, got '%s'"), arg);
 	state->p_value_known = 1;
 	return 0;
 }
diff --git a/t/t4120-apply-popt.sh b/t/t4120-apply-popt.sh
index 697e86c0ff..acb5462a25 100755
--- a/t/t4120-apply-popt.sh
+++ b/t/t4120-apply-popt.sh
@@ -23,6 +23,47 @@ test_expect_success setup '
 	rmdir süb
 '
 
+test_expect_success 'git apply -p 1 patch' '
+	cat >patch <<-\EOF &&
+	From 90ad11d5b2d437e82d4d992f72fb44c2227798b5 Mon Sep 17 00:00:00 2001
+	From: Mroik <mroik@delayed.space>
+	Date: Mon, 9 Mar 2026 23:25:00 +0100
+	Subject: [PATCH] Test
+
+	---
+	 t/test/test | 0
+	 1 file changed, 0 insertions(+), 0 deletions(-)
+	 create mode 100644 t/test/test
+
+	diff --git a/t/test/test b/t/test/test
+	new file mode 100644
+	index 0000000000..e69de29bb2
+	-- 
+	2.53.0.851.ga537e3e6e9
+	EOF
+	test_when_finished "rm -rf t" &&
+	git apply -p 1 patch &&
+	test_path_is_dir t
+'
+
+test_expect_success 'apply fails due to non-num -p' '
+	test_when_finished "rm -rf t test err" &&
+	test_must_fail git apply -p malformed patch 2>err &&
+	test_grep "option -p expects a non-negative integer" err
+'
+
+test_expect_success 'apply fails due to trailing non-digit in -p' '
+	test_when_finished "rm -rf t test err" &&
+	test_must_fail git apply -p 2q patch 2>err &&
+	test_grep "option -p expects a non-negative integer" err
+'
+
+test_expect_success 'apply fails due to negative number in -p' '
+	test_when_finished "rm -rf t test err patch" &&
+	test_must_fail git apply -p -1 patch 2> err &&
+	test_grep "option -p expects a non-negative integer" err
+'
+
 test_expect_success 'apply git diff with -p2' '
 	cp file1.saved file1 &&
 	git apply -p2 patch.file
-- 
2.53.0.959.g497ff81fa9


  parent reply	other threads:[~2026-03-16  0:51 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-03-09 23:26 [PATCH] apply.c: fix -p argument parsing Mirko Faina
2026-03-09 23:43 ` Junio C Hamano
2026-03-10  0:54 ` [PATCH v2] " Mirko Faina
2026-03-10  3:31   ` Junio C Hamano
2026-03-10  4:45     ` Mirko Faina
2026-03-10  5:06   ` [PATCH v3] " Mirko Faina
2026-03-10 13:13     ` Junio C Hamano
2026-03-13  0:16     ` Jeff King
2026-03-13  1:12       ` Jeff King
2026-03-13  1:29         ` Jeff King
2026-03-13  4:27         ` Junio C Hamano
2026-03-13  4:19       ` Junio C Hamano
2026-03-13  3:19     ` [PATCH v4] " Mirko Faina
2026-03-13  4:39       ` Junio C Hamano
2026-03-16  0:51       ` Mirko Faina [this message]
2026-03-16  0:52         ` [PATCH] " Mirko Faina
2026-03-16 19:56         ` Junio C Hamano
2026-03-15 17:22 ` Tian Yuchen
2026-03-15 17:56   ` Mirko Faina

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260316005120.7079-1-mroik@delayed.space \
    --to=mroik@delayed.space \
    --cc=a3205153416@gmail.com \
    --cc=git@vger.kernel.org \
    --cc=gitster@pobox.com \
    --cc=peff@peff.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox