jmestwa-coder opened a new pull request, #651:
URL: https://github.com/apache/logging-log4cxx/pull/651

   ## Summary
   
   This patch hardens integer configuration parsing for `TelnetAppender` by rejecting malformed and out-of-range numeric values before they reach allocation-sensitive logic.
   
   Previously, `OptionConverter::toInt()` relied on `atol()` narrowing behavior, which could silently accept overflowed, underflowed, or partially parsed values.
   
   ## Changes
   
   * replace `atol()` narrowing in `OptionConverter::toInt()` with bounded `strtoll()` parsing
   * reject:
   
     * overflow values
     * underflow values
     * empty input
     * partial numeric parses
   * preserve valid integer parsing behavior
   * reject negative `MaxConnections` values before resize logic
   * remove signed/unsigned resize comparison hazards in `TelnetAppender`
   
   ## Tests
   
   Added regression coverage for:
   
   * malformed numeric input rejection
   * overflow and underflow handling
   * valid integer boundary parsing
   * `TelnetAppender` configuration fallback behavior


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
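
The parsing approach the description outlines, as an added example that is not taken from the pull request or from log4cxx. All function names and the fallback values are hypothetical, and leading whitespace is accepted only because `strtoll()` skips it.

```cpp
#include <cerrno>
#include <climits>
#include <cstdio>
#include <cstdlib>
#include <string>

// Old pattern for contrast: atol() stops at the first non-digit and the cast narrows.
int legacy_to_int(const std::string& text) { return static_cast<int>(std::atol(text.c_str())); }

// Hypothetical helper, not log4cxx API. Accepts only a complete base-10 value
// that fits in int; leading whitespace is allowed because strtoll() skips it.
bool parse_int_strict(const std::string& text, int& out)
{
    const char* begin = text.c_str();
    char* end = nullptr;
    errno = 0;
    const long long value = std::strtoll(begin, &end, 10);
    // Empty input, no digits at all, or a partial parse such as "12abc".
    if (end == begin || end != begin + text.size())
        return false;
    // Outside long long (ERANGE) or outside int, where a cast would narrow.
    if (errno == ERANGE || value < INT_MIN || value > INT_MAX)
        return false;
    out = static_cast<int>(value);
    return true;
}

int to_int_or_default(const std::string& text, int fallback)
{
    int parsed = 0;
    return parse_int_strict(text, parsed) ? parsed : fallback;
}

// Negative limits are rejected while the value is still signed, so -1 can
// never turn into a huge size_t in a later resize() call.
std::size_t connection_limit(const std::string& text, std::size_t fallback)
{
    int parsed = 0;
    if (!parse_int_strict(text, parsed) || parsed < 0)
        return fallback;
    return static_cast<std::size_t>(parsed);
}

int main()
{
    std::printf("%d %d %zu\n", legacy_to_int("12abc"), to_int_or_default("12abc", 7), connection_limit("-1", 20));
}
```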