commit 06227823b7e714dc42c8b3088e152be044e03b46
from: Omar Polo <op@omarpolo.com>
via: Thomas Adam <thomas@xteddy.org>
date: Thu Jun 23 14:09:34 2022 UTC

actually guarding against negative line offsets

previous commit looked at some pretty zeroes returned from calloc
instead of the actual numbers received.

commit - 047c926f0572281a2cb8f6a7571e204e48eff0d4
commit + 06227823b7e714dc42c8b3088e152be044e03b46
blob - 610c1fa187ef0331d4676663f825674435302972
blob + 1eb449f5b54c82290ced9fb2863172a511a5c43a
--- lib/patch.c
+++ lib/patch.c
@@ -239,12 +239,12 @@ recv_patch(struct imsgbuf *ibuf, int *done, struct got
 				goto done;
 			}
 			memcpy(&hdr, imsg.data, sizeof(hdr));
-			if ((h = calloc(1, sizeof(*h))) == NULL) {
-				err = got_error_from_errno("calloc");
+			if (hdr.oldfrom < 0 || hdr.newfrom < 0) {
+				err = got_error(GOT_ERR_PRIVSEP_LEN);
 				goto done;
 			}
-			if (h->old_from < 0 || h->new_from < 0) {
-				err = got_error(GOT_ERR_PRIVSEP_LEN);
+			if ((h = calloc(1, sizeof(*h))) == NULL) {
+				err = got_error_from_errno("calloc");
 				goto done;
 			}
 			h->old_from = hdr.oldfrom;