grep: NUL terminate input from a file

[git.git] / fast-import.c

diff --git a/fast-import.c b/fast-import.c
index d31a4e8217ea58d6f3c7459877ede7f4b8bf99b2..6faaaacb68999db294d20ecbb30772223bfc1b57 100644 (file)
--- a/fast-import.c
+++ b/fast-import.c
@@ -905,10 +905,10 @@ static char *keep_pack(char *curr_index_name)
 
        keep_fd = odb_pack_keep(name, sizeof(name), pack_data->sha1);
        if (keep_fd < 0)
-               die("cannot create keep file");
+               die_errno("cannot create keep file");
        write_or_die(keep_fd, keep_msg, strlen(keep_msg));
        if (close(keep_fd))
-               die("failed to write keep file");
+               die_errno("failed to write keep file");
 
        snprintf(name, sizeof(name), "%s/pack/pack-%s.pack",
                 get_object_directory(), sha1_to_hex(pack_data->sha1));
@@ -1744,10 +1744,12 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
 {
        const char *orig_src = src;
        char *endp;
+       unsigned long num;
 
        errno = 0;
 
-       strtoul(src, &endp, 10);
+       num = strtoul(src, &endp, 10);
+       /* NEEDSWORK: perhaps check for reasonable values? */
        if (errno || endp == src || *endp != ' ')
                return -1;
 
@@ -1755,8 +1757,9 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
        if (*src != '-' && *src != '+')
                return -1;
 
-       strtoul(src + 1, &endp, 10);
-       if (errno || endp == src || *endp || (endp - orig_src) >= maxlen)
+       num = strtoul(src + 1, &endp, 10);
+       if (errno || endp == src + 1 || *endp || (endp - orig_src) >= maxlen ||
+           1400 < num)
                return -1;
 
        strcpy(result, orig_src);