1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
|
2009-01-12 Arthur Loiret <aloiret@debian.org>
nss/nss_files/files-parse.c: Include <limits.h>.
(INT_FIELD): Convert field to uintmax_t and check for 32-bit overflow.
(INT_FIELD_MAYBE_NULL): Likewise.
---
nss/nss_files/files-parse.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
--- a/nss/nss_files/files-parse.c
+++ b/nss/nss_files/files-parse.c
@@ -20,6 +20,7 @@
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
+#include <limits.h>
/* These symbols are defined by the including source file:
@@ -159,7 +160,12 @@
# define INT_FIELD(variable, terminator_p, swallow, base, convert) \
{ \
char *endp; \
- variable = convert (strtou32 (line, &endp, base)); \
+ unsigned long long tmp; \
+ /* Prevent from 32-bit overflow. */ \
+ tmp = __strtoull_internal (line, &endp, base, 0); \
+ if (tmp > UINT_MAX) \
+ return 0; \
+ variable = convert ((unsigned long int)tmp); \
if (endp == line) \
return 0; \
else if (terminator_p (*endp)) \
@@ -174,10 +180,15 @@
# define INT_FIELD_MAYBE_NULL(variable, terminator_p, swallow, base, convert, default) \
{ \
char *endp; \
+ unsigned long long tmp; \
if (*line == '\0') \
/* We expect some more input, so don't allow the string to end here. */ \
return 0; \
- variable = convert (strtou32 (line, &endp, base)); \
+ /* Prevent from 32-bit overflow. */ \
+ tmp = __strtoull_internal (line, &endp, base, 0); \
+ if (tmp > UINT_MAX) \
+ return 0; \
+ variable = convert ((unsigned long int)tmp); \
if (endp == line) \
variable = default; \
if (terminator_p (*endp)) \
|