On Thu, Sep 25, 2014 at 10:37:28PM +0000, Xin LI wrote: > Author: delphij > Date: Thu Sep 25 22:37:27 2014 > New Revision: 272144 > URL: http://svnweb.freebsd.org/changeset/base/272144 > > Log: > The strtol(3) family of functions would set errno when it hits one. > Check errno and handle it as invalid input. >
But this requires explicitely setting errno to 0 before strto* call, otherwise you cannot know whether errno is meaningful when you test it. Also it looks like the code would use some deduplications with macros or something. > Obtained from: HardenedBSD > Submitted by: David CARLIER <devne...@gmail.com> > MFC after: 2 weeks > > Modified: > head/sbin/sysctl/sysctl.c > > Modified: head/sbin/sysctl/sysctl.c > ============================================================================== > --- head/sbin/sysctl/sysctl.c Thu Sep 25 22:22:57 2014 (r272143) > +++ head/sbin/sysctl/sysctl.c Thu Sep 25 22:37:27 2014 (r272144) > @@ -305,7 +305,8 @@ parse(const char *string, int lineno) > } else { > intval = (int)strtol(newval, &endptr, > 0); > - if (endptr == newval || *endptr != > '\0') { > + if (errno != 0 || endptr == newval || > + *endptr != '\0') { > warnx("invalid integer '%s'%s", > (char *)newval, line); > return (1); > @@ -316,7 +317,8 @@ parse(const char *string, int lineno) > break; > case CTLTYPE_UINT: > uintval = (int) strtoul(newval, &endptr, 0); > - if (endptr == newval || *endptr != '\0') { > + if (errno != 0 || endptr == newval || > + *endptr != '\0') { > warnx("invalid unsigned integer '%s'%s", > (char *)newval, line); > return (1); > @@ -326,7 +328,8 @@ parse(const char *string, int lineno) > break; > case CTLTYPE_LONG: > longval = strtol(newval, &endptr, 0); > - if (endptr == newval || *endptr != '\0') { > + if (errno != 0 || endptr == newval || > + *endptr != '\0') { > warnx("invalid long integer '%s'%s", > (char *)newval, line); > return (1); > @@ -336,7 +339,8 @@ parse(const char *string, int lineno) > break; > case CTLTYPE_ULONG: > ulongval = strtoul(newval, &endptr, 0); > - if (endptr == newval || *endptr != '\0') { > + if (errno != 0 || endptr == newval || > + *endptr != '\0') { > warnx("invalid unsigned long integer" > " '%s'%s", (char *)newval, line); > return (1); > @@ -348,7 +352,8 @@ parse(const char *string, int lineno) > break; > case CTLTYPE_S64: > i64val = strtoimax(newval, &endptr, 0); > - if (endptr == newval || *endptr != '\0') { > + if (errno != 0 || endptr == newval || > + *endptr != '\0') { > warnx("invalid int64_t '%s'%s", > (char *)newval, line); > return (1); > @@ -358,7 +363,8 @@ parse(const char *string, int lineno) > break; > case CTLTYPE_U64: > u64val = strtoumax(newval, &endptr, 0); > - if (endptr == newval || *endptr != '\0') { > + if (errno != 0 || endptr == newval || > + *endptr != '\0') { > warnx("invalid uint64_t '%s'%s", > (char *)newval, line); > return (1); > @@ -669,14 +675,16 @@ set_IK(const char *str, int *val) > p = &str[len - 1]; > if (*p == 'C' || *p == 'F') { > temp = strtof(str, &endptr); > - if (endptr == str || endptr != p) > + if (errno != 0 || endptr == str || > + endptr != p) > return (0); > if (*p == 'F') > temp = (temp - 32) * 5 / 9; > kelv = temp * 10 + 2732; > } else { > kelv = (int)strtol(str, &endptr, 10); > - if (endptr == str || *endptr != '\0') > + if (errno != 0 || endptr == str || > + *endptr != '\0') > return (0); > } > *val = kelv; > -- Mateusz Guzik <mjguzik gmail.com> _______________________________________________ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"