commit 5b7126c502f8d046d0779dd2cb0558163c383819
from: Omar Polo <op@omarpolo.com>
date: Tue Jun 14 08:31:16 2022 UTC

actually guarding against negative line offsets

previous commit looked at some pretty zeroes returned from calloc
instead of the actual numbers received.

commit - 2399b53d3a5f7a784efc54b86027b4f50f65ac41
commit + 5b7126c502f8d046d0779dd2cb0558163c383819
blob - e14bc4b63112230a31cd5231efc94a703c80f4e9
blob + 7e310aecff9b929aea8d42b20f432b08c127268f
--- lib/patch.c
+++ lib/patch.c
@@ -242,12 +242,12 @@ recv_patch(struct imsgbuf *ibuf, int *done, struct got
 				goto done;
 			}
 			memcpy(&hdr, imsg.data, sizeof(hdr));
-			if ((h = calloc(1, sizeof(*h))) == NULL) {
-				err = got_error_from_errno("calloc");
+			if (hdr.oldfrom < 0 || hdr.newfrom < 0) {
+				err = got_error(GOT_ERR_PRIVSEP_LEN);
 				goto done;
 			}
-			if (h->old_from < 0 || h->new_from < 0) {
-				err = got_error(GOT_ERR_PRIVSEP_LEN);
+			if ((h = calloc(1, sizeof(*h))) == NULL) {
+				err = got_error_from_errno("calloc");
 				goto done;
 			}
 			h->old_from = hdr.oldfrom;