Module Name:    src
Committed By:   manu
Date:           Wed May 27 15:31:15 UTC 2015

Modified Files:
        src/sbin/raidctl: raidctl.c

Log Message:
Better sanity check numbers given to raidctl(8)

Replace atoi(3) by strtol(3), and check that numbers are valid,
positive, and in int32_t range. The previous lack of check could
silently lead to the same serial being set to all RAID volumes
for instance because given numbers were bigger than INT_MAX. The
consequence is an awful mess when RAIDframe would mix volumes...


To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.58 src/sbin/raidctl/raidctl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sbin/raidctl/raidctl.c
diff -u src/sbin/raidctl/raidctl.c:1.57 src/sbin/raidctl/raidctl.c:1.58
--- src/sbin/raidctl/raidctl.c:1.57	Thu Apr  3 18:54:10 2014
+++ src/sbin/raidctl/raidctl.c	Wed May 27 15:31:15 2015
@@ -1,4 +1,4 @@
-/*      $NetBSD: raidctl.c,v 1.57 2014/04/03 18:54:10 christos Exp $   */
+/*      $NetBSD: raidctl.c,v 1.58 2015/05/27 15:31:15 manu Exp $   */
 
 /*-
  * Copyright (c) 1996, 1997, 1998 The NetBSD Foundation, Inc.
@@ -39,7 +39,7 @@
 #include <sys/cdefs.h>
 
 #ifndef lint
-__RCSID("$NetBSD: raidctl.c,v 1.57 2014/04/03 18:54:10 christos Exp $");
+__RCSID("$NetBSD: raidctl.c,v 1.58 2015/05/27 15:31:15 manu Exp $");
 #endif
 
 
@@ -85,6 +85,7 @@ static  void get_bar(char *, double, int
 static  void get_time_string(char *, int);
 static  void rf_output_pmstat(int, int);
 static  void rf_pm_configure(int, int, char *, int[]);
+static  unsigned int _strtoud(char *);
 
 int verbose;
 
@@ -183,7 +184,7 @@ main(int argc,char *argv[])
 			break;
 		case 'I':
 			action = RAIDFRAME_INIT_LABELS;
-			serial_number = atoi(optarg);
+			serial_number = _strtoud(optarg);
 			num_options++;
 			break;
 		case 'm':
@@ -195,11 +196,11 @@ main(int argc,char *argv[])
 			action = RAIDFRAME_PARITYMAP_SET_DISABLE;
 			parityconf = strdup(optarg);
 			num_options++;
-			/* XXXjld: should rf_pm_configure do the atoi()s? */
+			/* XXXjld: should rf_pm_configure do the strtol()s? */
 			i = 0;
 			while (i < 3 && optind < argc &&
 			    isdigit((int)argv[optind][0]))
-				parityparams[i++] = atoi(argv[optind++]);
+				parityparams[i++] = _strtoud(argv[optind++]);
 			while (i < 3)
 				parityparams[i++] = 0;
 			break;
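Review bot: The guard that decides whether an argument is consumed as a parity parameter still calls `isdigit((int)argv[optind][0])`, which passes a plain `char` that may be negative where `char` is signed; `isdigit((unsigned char)argv[optind][0])` keeps the call defined for bytes above 0x7f. Because the guard looks only at the first character, an argument such as `1x` is now consumed and makes `_strtoud` exit with "Not a number", where `atoi` silently took the leading digits. That looks intended, but it is worth a line in the comment above the loop. The enclosing `switch` in `main` starts and ends outside the hunk.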
@@ -1158,3 +1159,26 @@ usage(void)
 	exit(1);
 	/* NOTREACHED */
 }
+
+static unsigned int
+_strtoud(char *str)
+{
+	long num;
+	char *ep;
+
+	errno = 0;
+	num = strtol(str, &ep, 10);
+	if (str[0] == '\0' || *ep != '\0')
+		errx(1, "Not a number: %s", str);
+
+	if (errno)
+		err(1, "Inavlid number %s", str);
+
+	if (num < 0)
+		errx(1, "Negative number: %s", str);
+
+	if (num > INT_MAX)
+		errx(1, "Number too large: %s", str);
+
+	return (unsigned int)num;
+}
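Review bot: The `err()` message on the `errno` path is misspelled and lacks the colon the other three messages use; it should read `err(1, "Invalid number: %s", str);`. The helper's name begins with an underscore at file scope, which C reserves for the implementation, and it never writes through its argument, so something like `static unsigned int parse_uint(const char *str)` would be cleaner, with the prototype added near line 85 changed to match. The function uses `errno` and `INT_MAX` while the diff adds no `#include`; presumably `<errno.h>` and `<limits.h>` are already pulled in elsewhere in the file, but that is not visible here. A short header comment stating that the function terminates the program on any non-numeric, negative or larger-than-`INT_MAX` input would tell callers that it never returns an error.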
