From: "Usman Akinyemi via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Usman Akinyemi <usmanakinyemi202@gmail.com>
Subject: [PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i()
Date: Fri, 18 Oct 2024 13:52:57 +0000 [thread overview]
Message-ID: <pull.1810.v2.git.git.1729259580.gitgitgadget@gmail.com> (raw)
In-Reply-To: <pull.1810.git.git.1728774574.gitgitgadget@gmail.com>
Changes from Version 1:
* In my initial commit, I mistakenly included changes from a different
patch and commit. This issue has now been resolved.
* I have split the original commit into three separate patches for better
clarity and organization.
* I added corresponding tests for each of the changes to ensure proper
functionality.
* In the first version, I used the following logic: if (strtoul_ui(v, 10,
&timeout) == 0) Based on feedback from my mentor, I improved it to:
(strtoul_ui(v, 10, &timeout)) and similar cases.
Usman Akinyemi (3):
daemon: replace atoi() with strtoul_ui() and strtol_i()
merge: replace atoi() with strtol_i() for marker size validation
imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT
parsing
daemon.c | 11 +++++++----
imap-send.c | 13 ++++++++-----
merge-ll.c | 6 ++++--
t/t5570-git-daemon.sh | 27 ++++++++++++++++++++++++++-
t/t6406-merge-attr.sh | 7 +++++++
5 files changed, 52 insertions(+), 12 deletions(-)
base-commit: 90fe3800b92a49173530828c0a17951abd30f0e1
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1810%2FUnique-Usman%2Fr_atoi-v2
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1810/Unique-Usman/r_atoi-v2
Pull-Request: https://github.com/git/git/pull/1810
Range-diff vs v1:
1: bfff7937cd2 < -: ----------- t3404: avoid losing exit status with focus on `git show` and `git cat-file`
2: e2cae7f3a51 < -: ----------- t3404: replace test with test_line_count()
-: ----------- > 1: a333d8a4013 daemon: replace atoi() with strtoul_ui() and strtol_i()
-: ----------- > 2: 5d58c150efb merge: replace atoi() with strtol_i() for marker size validation
3: c93bc2d81ff ! 3: c09c7b3df0d parse: replace atoi() with strtoul_ui() and strtol_i()
@@ Metadata
Author: Usman Akinyemi <usmanakinyemi202@gmail.com>
## Commit message ##
- parse: replace atoi() with strtoul_ui() and strtol_i()
+ imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing
- Replace unsafe uses of atoi() with strtoul_ui() for unsigned integers
- and strtol_i() for signed integers across multiple files. This change
- improves error handling and prevents potential integer overflow issues.
-
- The following files were updated:
- - daemon.c: Update parsing of --timeout, --init-timeout, and
- --max-connections
- - imap-send.c: Improve parsing of UIDVALIDITY, UIDNEXT, APPENDUID, and
- tags
- - merge-ll.c: Enhance parsing of marker size in ll_merge and
- ll_merge_marker_size
-
- This change allows for better error detection when parsing integer
- values from command-line arguments and IMAP responses, making the code
- more robust and secure.
-
- This is a #leftoverbit discussed here:
- https://public-inbox.org/git/CAC4O8c-nuOTS=a0sVp1603KaM2bZjs+yNZzdAaa5CGTNGFE7hQ@mail.gmail.com/
+ Replaced unsafe uses of atoi() with strtol_i() to improve error handling
+ when parsing UIDVALIDITY, UIDNEXT, and APPENDUID in IMAP commands.
+ Invalid values, such as those with letters,
+ now trigger error messages and prevent malformed status responses.
Signed-off-by: Usman Akinyemi <usmanakinyemi202@gmail.com>
- Cc: gitster@pobox.com
- Cc: Patrick Steinhardt <ps@pks.im>
- Cc: phillip.wood123@gmail.com
- Cc: Christian Couder <christian.couder@gmail.com>
- Cc: Eric Sunshine <sunshine@sunshineco.com>
- Cc: Taylor Blau <me@ttaylorr.com>
-
- ## daemon.c ##
-@@ daemon.c: int cmd_main(int argc, const char **argv)
- continue;
- }
- if (skip_prefix(arg, "--timeout=", &v)) {
-- timeout = atoi(v);
-+ if (strtoul_ui(v, 10, &timeout) < 0) {
-+ die("'%s': not a valid integer for --timeout", v);
-+ }
- continue;
- }
- if (skip_prefix(arg, "--init-timeout=", &v)) {
-- init_timeout = atoi(v);
-+ if (strtoul_ui(v, 10, &init_timeout) < 0) {
-+ die("'%s': not a valid integer for --init-timeout", v);
-+ }
- continue;
- }
- if (skip_prefix(arg, "--max-connections=", &v)) {
-- max_connections = atoi(v);
-- if (max_connections < 0)
-- max_connections = 0; /* unlimited */
-+ if (strtol_i(v, 10, &max_connections) != 0 || max_connections < 0) {
-+ max_connections = 0; /* unlimited */
-+ }
- continue;
- }
- if (!strcmp(arg, "--strict-paths")) {
-
## imap-send.c ##
@@ imap-send.c: static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
return RESP_BAD;
}
if (!strcmp("UIDVALIDITY", arg)) {
- if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg))) {
-+ if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) != 0) {
++ if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity) {
fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
return RESP_BAD;
}
} else if (!strcmp("UIDNEXT", arg)) {
- if (!(arg = next_arg(&s)) || !(imap->uidnext = atoi(arg))) {
-+ if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &imap->uidnext) != 0) {
++ if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &imap->uidnext) || !imap->uidnext) {
fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
return RESP_BAD;
}
@@ imap-send.c: static int parse_response_code(struct imap_store *ctx, struct imap_
} else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
- if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg)) ||
- !(arg = next_arg(&s)) || !(*(int *)cb->ctx = atoi(arg))) {
-+ if (!(arg = next_arg(&s)) || (strtol_i(arg, 10, &ctx->uidvalidity) != 0) ||
-+ !(arg = next_arg(&s)) || (strtol_i(arg, 10, (int *)cb->ctx) != 0)) {
++ if (!(arg = next_arg(&s)) || (strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity) ||
++ !(arg = next_arg(&s)) || (strtol_i(arg, 10, (int *)cb->ctx) || !cb->ctx)) {
fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
return RESP_BAD;
}
@@ imap-send.c: static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *
return DRV_OK;
} else {
- tag = atoi(arg);
-+ if (strtol_i(arg, 10, &tag) != 0) {
++ if (strtol_i(arg, 10, &tag)) {
+ fprintf(stderr, "IMAP error: malformed tag %s\n", arg);
+ return RESP_BAD;
+ }
for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
if (cmdp->tag == tag)
goto gottag;
-
- ## merge-ll.c ##
-@@ merge-ll.c: enum ll_merge_result ll_merge(mmbuffer_t *result_buf,
- git_check_attr(istate, path, check);
- ll_driver_name = check->items[0].value;
- if (check->items[1].value) {
-- marker_size = atoi(check->items[1].value);
-- if (marker_size <= 0)
-+ if (strtol_i(check->items[1].value, 10, &marker_size) != 0 || marker_size <= 0)
- marker_size = DEFAULT_CONFLICT_MARKER_SIZE;
- }
- driver = find_ll_merge_driver(ll_driver_name);
-@@ merge-ll.c: int ll_merge_marker_size(struct index_state *istate, const char *path)
- check = attr_check_initl("conflict-marker-size", NULL);
- git_check_attr(istate, path, check);
- if (check->items[0].value) {
-- marker_size = atoi(check->items[0].value);
-- if (marker_size <= 0)
-+ if (strtol_i(check->items[0].value, 10, &marker_size) != 0 || marker_size <= 0)
- marker_size = DEFAULT_CONFLICT_MARKER_SIZE;
- }
- return marker_size;
--
gitgitgadget
next prev parent reply other threads:[~2024-10-18 13:53 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-12 23:09 [PATCH 0/3] R atoi Usman Akinyemi via GitGitGadget
2024-10-12 23:09 ` [PATCH 1/3] t3404: avoid losing exit status with focus on `git show` and `git cat-file` Usman Akinyemi via GitGitGadget
2024-10-14 21:29 ` Taylor Blau
2024-10-12 23:09 ` [PATCH 2/3] t3404: replace test with test_line_count() Usman Akinyemi via GitGitGadget
2024-10-14 21:35 ` Taylor Blau
2024-10-12 23:09 ` [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() Usman Akinyemi via GitGitGadget
2024-10-13 9:42 ` Usman Akinyemi
2024-10-14 9:00 ` Phillip Wood
2024-10-14 15:56 ` Usman Akinyemi
2024-10-14 10:53 ` Patrick Steinhardt
2024-10-14 13:57 ` Phillip Wood
2024-10-14 14:00 ` Patrick Steinhardt
2024-10-14 14:55 ` Phillip Wood
2024-10-14 16:13 ` Usman Akinyemi
2024-10-14 16:26 ` Usman Akinyemi
2024-10-14 18:36 ` phillip.wood123
2024-10-15 15:17 ` Usman Akinyemi
2024-10-15 16:19 ` Taylor Blau
2024-10-16 17:58 ` Usman Akinyemi
2024-10-15 18:28 ` phillip.wood123
2024-10-16 9:20 ` Phillip Wood
2024-10-16 18:00 ` Usman Akinyemi
2024-10-17 11:56 ` Usman Akinyemi
2024-10-17 12:02 ` Patrick Steinhardt
2024-10-17 12:13 ` Usman Akinyemi
2024-10-14 16:03 ` Usman Akinyemi
2024-10-14 9:49 ` Phillip Wood
2024-10-14 10:06 ` Kristoffer Haugsbakk
2024-10-14 13:48 ` Phillip Wood
2024-10-14 18:20 ` Usman Akinyemi
2024-10-14 18:30 ` phillip.wood123
2024-10-17 11:16 ` Usman Akinyemi
2024-10-18 13:52 ` Usman Akinyemi via GitGitGadget [this message]
2024-10-18 13:52 ` [PATCH v2 1/3] daemon: " Usman Akinyemi via GitGitGadget
2024-10-21 12:20 ` Patrick Steinhardt
2024-10-21 13:43 ` Usman Akinyemi
2024-10-21 16:24 ` Taylor Blau
2024-10-21 16:34 ` Usman Akinyemi
2024-10-18 13:52 ` [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation Usman Akinyemi via GitGitGadget
2024-10-21 12:20 ` Patrick Steinhardt
2024-10-21 14:24 ` Usman Akinyemi
2024-10-21 16:34 ` Taylor Blau
2024-10-21 16:39 ` Usman Akinyemi
2024-10-21 18:00 ` Usman Akinyemi
2024-10-21 19:56 ` Taylor Blau
2024-10-30 15:20 ` Phillip Wood
2024-10-30 16:19 ` Usman Akinyemi
2024-10-31 9:58 ` Phillip Wood
2024-10-31 12:21 ` Usman Akinyemi
2024-11-06 6:05 ` Usman Akinyemi
2024-11-06 16:03 ` phillip.wood123
2024-10-18 13:53 ` [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing Usman Akinyemi via GitGitGadget
2024-10-21 12:20 ` Patrick Steinhardt
2024-10-21 12:27 ` Usman Akinyemi
2024-10-21 12:34 ` Patrick Steinhardt
2024-10-21 14:38 ` Usman Akinyemi
2024-10-21 16:35 ` Taylor Blau
2024-10-21 16:36 ` Usman Akinyemi
2024-10-22 13:43 ` Usman Akinyemi
2024-10-18 21:21 ` [PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() Taylor Blau
2024-10-18 21:29 ` Usman Akinyemi
2024-10-18 21:35 ` Taylor Blau
2024-10-18 21:43 ` Usman Akinyemi
2024-10-22 5:23 ` [PATCH v3 " Usman Akinyemi via GitGitGadget
2024-10-22 5:23 ` [PATCH v3 1/3] daemon: " Usman Akinyemi via GitGitGadget
2024-10-22 16:21 ` Taylor Blau
2024-10-22 22:06 ` Usman Akinyemi
2024-10-22 5:23 ` [PATCH v3 2/3] merge: replace atoi() with strtol_i() for marker size validation Usman Akinyemi via GitGitGadget
2024-10-22 5:23 ` [PATCH v3 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing Usman Akinyemi via GitGitGadget
2024-10-22 22:08 ` [PATCH v4 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() Usman Akinyemi via GitGitGadget
2024-10-22 22:08 ` [PATCH v4 1/3] daemon: " Usman Akinyemi via GitGitGadget
2024-10-22 22:08 ` [PATCH v4 2/3] merge: replace atoi() with strtol_i() for marker size validation Usman Akinyemi via GitGitGadget
2024-10-22 22:08 ` [PATCH v4 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing Usman Akinyemi via GitGitGadget
2024-10-23 6:05 ` Patrick Steinhardt
2024-10-23 7:40 ` Usman Akinyemi
2024-10-23 7:40 ` [PATCH v5 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() Usman Akinyemi via GitGitGadget
2024-10-23 7:40 ` [PATCH v5 1/3] daemon: " Usman Akinyemi via GitGitGadget
2024-10-23 20:31 ` Taylor Blau
2024-10-24 0:23 ` Usman Akinyemi
2024-10-23 7:40 ` [PATCH v5 2/3] merge: replace atoi() with strtol_i() for marker size validation Usman Akinyemi via GitGitGadget
2024-10-23 20:32 ` Taylor Blau
2024-10-24 0:23 ` Usman Akinyemi
2024-10-23 7:40 ` [PATCH v5 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing Usman Akinyemi via GitGitGadget
2024-10-23 8:52 ` [PATCH v5 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() Patrick Steinhardt
2024-10-23 20:33 ` Taylor Blau
2024-10-24 0:25 ` Usman Akinyemi
2024-10-24 0:24 ` [PATCH v6 " Usman Akinyemi via GitGitGadget
2024-10-24 0:24 ` [PATCH v6 1/3] daemon: " Usman Akinyemi via GitGitGadget
2024-10-24 0:24 ` [PATCH v6 2/3] merge: replace atoi() with strtol_i() for marker size validation Usman Akinyemi via GitGitGadget
2024-10-24 0:24 ` [PATCH v6 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing Usman Akinyemi via GitGitGadget
2024-10-24 18:03 ` [PATCH v6 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() Taylor Blau
2024-10-25 5:06 ` Patrick Steinhardt
2024-10-25 6:11 ` Usman Akinyemi
2024-10-25 14:44 ` Taylor Blau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=pull.1810.v2.git.git.1729259580.gitgitgadget@gmail.com \
--to=gitgitgadget@gmail.com \
--cc=git@vger.kernel.org \
--cc=usmanakinyemi202@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).