The following commit has been merged in the master branch:
commit 1e1038d76a201b179f900fcfc442a94e4aa3b3eb
Author: Raphael Hertzog <hert...@debian.org>
Date: Mon Mar 23 16:01:22 2009 +0100
Global review of error checking associated to strtol functions
Several calls to strtol() or strtoul() are not followed by a
proper check that ensures that they have parsed an integer value
(and not an empty string).
diff --git a/dpkg-split/info.c b/dpkg-split/info.c
index 802b58a..94cbe87 100644
--- a/dpkg-split/info.c
+++ b/dpkg-split/info.c
@@ -43,7 +43,7 @@ static unsigned long unsignedlong(const char *value, const
char *fn, const char
char *endp;
r= strtoul(value,&endp,10);
- if (*endp)
+ if (value == endp || *endp)
ohshit(_("file `%.250s' is corrupt - bad digit (code %d) in
%s"),fn,*endp,what);
return r;
}
diff --git a/dpkg-split/main.c b/dpkg-split/main.c
index 2b49709..2b8640a 100644
--- a/dpkg-split/main.c
+++ b/dpkg-split/main.c
@@ -115,6 +115,8 @@ static void setpartsize(const struct cmdinfo *cip, const
char *value) {
char *endp;
newpartsize= strtol(value,&endp,10);
+ if (value == endp || *endp)
+ badusage(_("invalid integer for --%s: `%.250s'"), cip->olong, value);
if (newpartsize <= 0 || newpartsize > (INT_MAX >> 10))
badusage(_("part size is far too large or is not positive"));
diff --git a/src/filesdb.c b/src/filesdb.c
index 5a67369..baee5f2 100644
--- a/src/filesdb.c
+++ b/src/filesdb.c
@@ -400,7 +400,7 @@ void ensure_statoverrides(void) {
*ptr=0;
if (thisline[0]=='#') {
fso->uid=strtol(thisline + 1, &endptr, 10);
- if (*endptr!=0)
+ if (thisline + 1 == endptr || *endptr)
ohshit(_("syntax error: invalid uid in statoverride file"));
} else {
struct passwd* pw = getpwnam(thisline);
@@ -421,7 +421,7 @@ void ensure_statoverrides(void) {
*ptr=0;
if (thisline[0]=='#') {
fso->gid=strtol(thisline + 1, &endptr, 10);
- if (*endptr!=0)
+ if (thisline + 1 == endptr || *endptr)
ohshit(_("syntax error: invalid gid in statoverride file"));
} else {
struct group* gr = getgrnam(thisline);
@@ -441,7 +441,7 @@ void ensure_statoverrides(void) {
ohshit(_("syntax error in statoverride file"));
*ptr=0;
fso->mode=strtol(thisline, &endptr, 8);
- if (*endptr!=0)
+ if (thisline == endptr || *endptr)
ohshit(_("syntax error: invalid mode in statoverride file"));
/* Move to the next bit */
diff --git a/src/main.c b/src/main.c
index d45de7e..b4e63fa 100644
--- a/src/main.c
+++ b/src/main.c
@@ -248,7 +248,7 @@ static void setdebug(const struct cmdinfo *cpi, const char
*value) {
}
f_debug= strtoul(value,&endp,8);
- if (*endp) badusage(_("--debug requires an octal argument"));
+ if (value == endp || *endp) badusage(_("--debug requires an octal
argument"));
}
static void setroot(const struct cmdinfo *cip, const char *value) {
@@ -293,7 +293,7 @@ static void setinteger(const struct cmdinfo *cip, const
char *value) {
char *ep;
v= strtoul(value,&ep,0);
- if (!*value || *ep || v > INT_MAX)
+ if (value == ep || *ep || v > INT_MAX)
badusage(_("invalid integer for --%s: `%.250s'"),cip->olong,value);
*cip->iassignto= v;
}
@@ -305,7 +305,7 @@ static void setpipe(const struct cmdinfo *cip, const char
*value) {
char *ep;
v= strtoul(value,&ep,0);
- if (*ep || v > INT_MAX)
+ if (value == ep || *ep || v > INT_MAX)
badusage(_("invalid integer for --%s: `%.250s'"),cip->olong,value);
setcloexec(v, _("<package status and progress file descriptor>"));
@@ -537,7 +537,8 @@ void commandfd(const char *const *argv) {
const char **newargs;
char *ptr, *endptr;
FILE *in;
- int c, lno, infd, i, skipchar;
+ unsigned long infd;
+ int c, lno, i, skipchar;
static void (*actionfunction)(const char *const *argv);
pipein = *argv++;
@@ -545,10 +546,12 @@ void commandfd(const char *const *argv) {
badusage(_("--command-fd takes one argument, not zero"));
if (*argv)
badusage(_("--command-fd only takes one argument"));
- if ((infd= strtol(pipein, (char **)NULL, 10)) == -1)
- ohshite(_("invalid number for --command-fd"));
+ errno = 0;
+ infd = strtoul(pipein, &endptr, 10);
+ if (pipein == endptr || *endptr || infd > INT_MAX)
+ ohshite(_("invalid integer for --%s: `%.250s'"), "command-fd", pipein);
if ((in= fdopen(infd, "r")) == NULL)
- ohshite(_("couldn't open `%i' for stream"), infd);
+ ohshite(_("couldn't open `%i' for stream"), (int) infd);
if (setjmp(ejbuf)) { /* expect warning about possible clobbering of argv */
error_unwind(ehflag_bombout); exit(2);
diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
index 34ee022..4111fca 100644
--- a/utils/start-stop-daemon.c
+++ b/utils/start-stop-daemon.c
@@ -444,7 +444,7 @@ parse_integer(const char *string, int *value_r)
return -1;
ul = strtoul(string, &ep, 10);
- if (ul > INT_MAX || *ep != '\0')
+ if (string == ep || ul > INT_MAX || *ep != '\0')
return -1;
*value_r = ul;
--
dpkg's main repository
--
To UNSUBSCRIBE, email to debian-dpkg-cvs-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
