fast-import.c::validate_raw_date(): really validate the value

When reading the "raw format" timestamp from the input stream, make sure
that the timezone offset is a reasonable value by imitating 7122f82
(date.c: improve guess between timezone offset and year., 2006-06-08).

We _might_ want to also check if the timestamp itself is reasonable, but
that is left for a separate commit.

Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/fast-import.c b/fast-import.c
index 7ef9865aa6da794ab52cfc50f21f9f41f861fc4f..6faaaacb68999db294d20ecbb30772223bfc1b57 100644 (file)
--- a/fast-import.c
+++ b/fast-import.c
@@ -1744,10 +1744,12 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
 {
        const char *orig_src = src;
        char *endp;
+       unsigned long num;
 
        errno = 0;
 
-       strtoul(src, &endp, 10);
+       num = strtoul(src, &endp, 10);
+       /* NEEDSWORK: perhaps check for reasonable values? */
        if (errno || endp == src || *endp != ' ')
                return -1;
 
@@ -1755,8 +1757,9 @@ static int validate_raw_date(const char *src, char *result, int maxlen)
        if (*src != '-' && *src != '+')
                return -1;
 
-       strtoul(src + 1, &endp, 10);
-       if (errno || endp == src || *endp || (endp - orig_src) >= maxlen)
+       num = strtoul(src + 1, &endp, 10);
+       if (errno || endp == src + 1 || *endp || (endp - orig_src) >= maxlen ||
+           1400 < num)
                return -1;
 
        strcpy(result, orig_src);