If s == "-1" and CPU is i386, then none of the checks is triggered, including the last "(unsigned int) ul != ul", because ul == 2**32 - 1, which fits into "unsigned int".
Fix it by changing the last check to trigger earlier, as soon as it becomes bigger than INT_MAX. Signed-off-by: Max Kirillov <[email protected]> --- This caused failure of "%(contents:lines=-1)` should fail" case from t6302-for-each-ref-filter.sh for me in pu. Don't know why nobody has noticed it. It did not trigger errno, instead wrapping the value. I have libc6 2.13 (debian wheezy) Still can be fooled with carefully chosen negative input. For i386 it's between INT_MIN and something like -UINT_MIN Adding people from the commit which uses the function. git-compat-util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git-compat-util.h b/git-compat-util.h index f649e81..1c0229b 100644 --- a/git-compat-util.h +++ b/git-compat-util.h @@ -815,7 +815,7 @@ static inline int strtoul_ui(char const *s, int base, unsigned int *result) errno = 0; ul = strtoul(s, &p, base); - if (errno || *p || p == s || (unsigned int) ul != ul) + if (errno || *p || p == s || ul > (unsigned long) INT_MAX) return -1; *result = ul; return 0; -- 2.3.4.2801.g3d0809b -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
