The following commit has been merged in the master branch:
commit 157d6447eee0da5e2e393e205dcdd0bcab404c30
Author: Guillem Jover <guil...@debian.org>
Date:   Sat Apr 28 18:33:08 2012 +0200

    Check parsed integers for invalid or no digit errors
    
    Verify that the string is not empty and does not contain trailing junk.

diff --git a/debian/changelog b/debian/changelog
index bc9808a..1dbd2bd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -22,6 +22,8 @@ dpkg (1.16.4) UNRELEASED; urgency=low
   * Remove obsolete --udeb dpkg-scanpackages option.
   * Add arm64 support to cputable. Closes: #672408
     Thanks Wookey <woo...@wookware.org>.
+  * Check parsed integers for invalid or no digit errors in start-stop-daemon
+    and update-alternatives.
 
   [ Updated man page translations ]
   * German (Helge Kreutzmann).
diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
index 48f2f1b..be486fd 100644
--- a/utils/start-stop-daemon.c
+++ b/utils/start-stop-daemon.c
@@ -564,12 +564,14 @@ parse_signal(const char *sig_str, int *sig_num)
 static int
 parse_umask(const char *string, int *value_r)
 {
+       char *endptr;
+
        if (!string[0])
                return -1;
 
        errno = 0;
-       *value_r = strtoul(string, NULL, 0);
-       if (errno)
+       *value_r = strtoul(string, &endptr, 0);
+       if (string == endptr || *endptr != '\0' || errno != 0)
                return -1;
        else
                return 0;
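Review bot: In parse_umask the result of strtoul() is still stored straight into `*value_r`, an int, so a value that fits in unsigned long but is not a sensible umask passes the new checks and is narrowed silently. Where long is wider than int, that can turn an out-of-range argument into an unintended and possibly more permissive mask. strtoul() also accepts a leading minus sign and negates the result without setting errno. Parsing into a local first would close this: `unsigned long mask = strtoul(string, &endptr, 0);`, add `|| mask > 0777` (or whatever upper bound the caller is meant to accept) to the condition, and assign `*value_r = mask;` only on the success path. The function's closing brace lies outside the hunk.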
diff --git a/utils/update-alternatives.c b/utils/update-alternatives.c
index 74feed3..d83fff3 100644
--- a/utils/update-alternatives.c
+++ b/utils/update-alternatives.c
@@ -1229,7 +1229,7 @@ alternative_parse_fileset(struct alternative *a, struct 
altdb_context *ctx)
                prio_str = altdb_get_line(ctx, _("priority"));
                prio = strtol(prio_str, &prio_end, 10);
                /* XXX: Leak master_file/prio_str on non-fatal error */
-               if (*prio_end != '\0')
+               if (prio_str == prio_end || *prio_end != '\0')
                        ctx->bad_format(ctx, _("priority of %s: %s"),
                                        master_file, prio_str);
                fs = fileset_new(master_file, prio);
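Review bot: Neither priority check tests for range errors, here after `prio = strtol(prio_str, &prio_end, 10);` or at the same call in main() (the hunk at line 2467). For an oversized digit string strtol() returns LONG_MAX or LONG_MIN with errno set to ERANGE, and that still passes `prio_str == prio_end || *prio_end != '\0'`. Setting `errno = 0;` before each call and adding `|| errno == ERANGE` to the condition would reject it, in line with the errno test parse_umask uses in start-stop-daemon.c. The declaration of prio is not visible in either hunk; if it is an int, a value inside long range but outside int range is also narrowed silently and would need an explicit INT_MIN/INT_MAX bound. Both enclosing functions start and end outside their hunks.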
@@ -2467,7 +2467,7 @@ main(int argc, char **argv)
                        if (strcmp(argv[i+1], argv[i+3]) == 0)
                                badusage(_("<link> and <path> can't be the 
same"));
                        prio = strtol(prio_str, &prio_end, 10);
-                       if (*prio_end != '\0')
+                       if (prio_str == prio_end || *prio_end != '\0')
                                badusage(_("priority must be an integer"));
 
                        a = alternative_new(argv[i + 2]);
