author | Guillem Jover <guillem@debian.org> | 2012-04-28 18:33:08 +0200 |
---|---|---|
committer | Guillem Jover <guillem@debian.org> | 2012-05-23 09:09:22 +0200 |
commit | 2bf4b48a9a6f7ddf854179b4b74013534e4594b9 (patch) | |
tree | 5170fb6602115dae040b44a0a5bada113d1f6645 /src/statdb.c | |
parent | 157d6447eee0da5e2e393e205dcdd0bcab404c30 (diff) | |
Check parsed integers for out of range errors
Verify that the numbers are not out of the range; i.e. that no negative
values are allowed if not appropriate, and that no overflows occur.
Closes: #580038
Diffstat (limited to 'src/statdb.c')
-rw-r--r-- | src/statdb.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/statdb.c b/src/statdb.c
index f64e89b79..24601ad97 100644
--- a/src/statdb.c
+++ b/src/statdb.c
@@ -4,7 +4,7 @@
 *
 * Copyright © 1995 Ian Jackson <ian@chiark.greenend.org.uk>
 * Copyright © 2000, 2001 Wichert Akkerman <wakkerma@debian.org>
- * Copyright © 2008-2010 Guillem Jover <guillem@debian.org>
+ * Copyright © 2008-2012 Guillem Jover <guillem@debian.org>
 *
 * This is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -54,8 +54,9 @@ statdb_parse_uid(const char *str)
 if (str[0] == '#') {
 long int value;
+ errno = 0;
 value = strtol(str + 1, &endptr, 10);
- if (str + 1 == endptr || *endptr || value < 0)
+ if (str + 1 == endptr || *endptr || value < 0 || errno != 0)
 ohshit(_("syntax error: invalid uid in statoverride file"));
 uid = (uid_t)value;
 } else {
@@ -78,8 +79,9 @@ statdb_parse_gid(const char *str)
 if (str[0] == '#') {
 long int value;
+ errno = 0;
 value = strtol(str + 1, &endptr, 10);
- if (str + 1 == endptr || *endptr || value < 0)
+ if (str + 1 == endptr || *endptr || value < 0 || errno != 0)
 ohshit(_("syntax error: invalid gid in statoverride file"));
 gid = (gid_t)value;
 } else { |
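Review bot: The narrowing cast `uid = (uid_t)value;` in the statdb_parse_uid hunk is still unchecked, because the added `errno != 0` test only rejects numbers outside the range of `long int`. Where `long int` is wider than `uid_t`, a constructed value such as `#4294967296` passes every condition and is silently truncated to a different id, so the override would apply to an owner the file never named. Extending the condition with a round-trip test, e.g. `|| (long int)(uid_t)value != value`, would reject ids that do not survive the cast. The same applies to `gid = (gid_t)value;` in the statdb_parse_gid hunk. Both function bodies start and end outside their hunks, so any later validation is not visible here.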