CVSROOT: /cvs
Module name: src
Changes by: mill...@cvs.openbsd.org 2024/08/22 18:58:04
Modified files:
usr.sbin/cron : entry.c
Log message:
cron: use strtonum() and tighter limits on step values
Using strtonum() instead of atoi() gives us an extra layer of bounds
checking for free while parsing an entry. This is in addition to
the existing bounds checking in set_range(). The step value is now
limited to the maximum range for an entry. If the field consists
of a range, the step must not be larger than the difference between
the high and low parts of the range. OK deraadt@
