On Thu, Jan 02, 2014 at 04:24:04PM +0100, Jan Kratochvil wrote: > On Wed, 25 Dec 2013 23:10:50 +0100, Mark Wielaard wrote: > > It would be zero in the very unlikely case atoi doesn't see any digits. > > If you want to check /proc files validity there should be strtol and not > atoi. > "Tgid: 42foo\n" still gets parsed as 42 by the code above.
OK, it is somewhat unlikely that the /proc file would be that garbled, but with strtol we can at least detect it. Thanks, Mark
>From 68de442d13f7b3192d0b81634c0f2136002c4552 Mon Sep 17 00:00:00 2001 From: Mark Wielaard <[email protected]> Date: Thu, 2 Jan 2014 21:17:18 +0100 Subject: [PATCH] libdwfl: linux-pid-attach.c (dwfl_linux_proc_attach): Use and check strtol Signed-off-by: Mark Wielaard <[email protected]> --- libdwfl/ChangeLog | 4 ++++ libdwfl/linux-pid-attach.c | 11 +++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog index 2190899..766fb18 100644 --- a/libdwfl/ChangeLog +++ b/libdwfl/ChangeLog @@ -1,3 +1,7 @@ +2014-01-02 Mark Wielaard <[email protected]> + + * linux-pid-attach.c (dwfl_linux_proc_attach): Use strtol, not atoi. + 2013-12-30 Mark Wielaard <[email protected]> * argp-std.c (parse_opt): Call dwfl_linux_proc_attach and diff --git a/libdwfl/linux-pid-attach.c b/libdwfl/linux-pid-attach.c index 21ff4b9..58d6942 100644 --- a/libdwfl/linux-pid-attach.c +++ b/libdwfl/linux-pid-attach.c @@ -306,8 +306,15 @@ dwfl_linux_proc_attach (Dwfl *dwfl, pid_t pid, bool assume_ptrace_stopped) while (getline (&line, &linelen, procfile) >= 0) if (strncmp (line, "Tgid:", 5) == 0) { - pid = atoi (&line[5]); - break; + errno = 0; + char *endptr; + long val = strtol (&line[5], &endptr, 10); + if ((errno == ERANGE && val == LONG_MAX) + || *endptr != '\n' || val < 0 || val != (pid_t) val) + pid = 0; + else + pid = (pid_t) val; + break; } free (line); fclose (procfile); -- 1.8.4.2
