#3145: atoi() is not safe (undefined behavior if value is not representable)
--------------------+-------------------------------------------------------
Reporter: vinc17 | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone:
Component: mutt | Version: 1.5.18
Keywords: |
--------------------+-------------------------------------------------------
Mutt uses the standard atoi() function in some number of places. But this
function can have undefined behavior in case of error, e.g. if the value
cannot be represented:
7.20.1 String conversion functions
[1] The functions atof, atoi, atol, and atoll need not
affect the value of the integer expression errno on an
error. If the value of the result cannot be represented,
the behavior is undefined.
atoi may be safe in some cases, but this is not documented. Sometimes it
isn't at all (e.g. in smtp.c), with a possible security problem. strtol
should be used instead, with proper error checking, to avoid things like
memory corruption, crashes and so on.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3145>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
