Author: eadler
Date: Tue May 21 19:56:03 2013
New Revision: 250882
URL: http://svnweb.freebsd.org/changeset/base/250882
Log:
Avoid signed overflow in error handling code.
Reviewed by: cperciva, bjk
Modified:
head/usr.bin/split/split.c
Modified: head/usr.bin/split/split.c
==============================================================================
--- head/usr.bin/split/split.c Tue May 21 19:32:35 2013 (r250881)
+++ head/usr.bin/split/split.c Tue May 21 19:56:03 2013 (r250882)
@@ -379,8 +379,10 @@ newfile(void)
/* maxfiles = pattlen^sufflen, but don't use libm. */
for (maxfiles = 1, i = 0; i < sufflen; i++)
- if ((maxfiles *= pattlen) <= 0)
+ if (LONG_MAX / pattlen < maxfiles)
errx(EX_USAGE, "suffix is too long (max %ld)", i);
+ else
+ maxfiles *= pattlen;
if (fnum == maxfiles)
errx(EX_DATAERR, "too many files");
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
