[hackers] [st] Using strtol with overflow checking. || Christoph Lohmann

From: <git_AT_suckless.org>
Date: Mon, 25 Feb 2013 13:26:33 +0100

commit 37863356b00cd41c24e10243121649473b98824f
Author: Christoph Lohmann <20h_AT_r-36.net>
Date: Mon Feb 25 13:23:56 2013 +0100

    Using strtol with overflow checking.

diff --git a/st.c b/st.c
index afa6813..23c4caf 100644
--- a/st.c
+++ b/st.c
_AT_@ -1296,17 +1296,22 @@ tnewline(int first_col) {
 void
 csiparse(void) {
         /* int noarg = 1; */
- char *p = csiescseq.buf;
+ char *p = csiescseq.buf, *np;
+ long int v;
 
         csiescseq.narg = 0;
         if(*p == '?')
                 csiescseq.priv = 1, p++;
 
         while(p < csiescseq.buf+csiescseq.len) {
- while(isdigit(*p)) {
- csiescseq.arg[csiescseq.narg] *= 10;
- csiescseq.arg[csiescseq.narg] += *p++ - '0'/*, noarg = 0 */;
- }
+ np = NULL;
+ v = strtol(p, &np, 10);
+ if(v == LONG_MAX || v == LONG_MIN)
+ v = -1;
+ csiescseq.arg[csiescseq.narg] = v;
+ if(np != NULL)
+ p = np;
+
                 if(*p == ';' && csiescseq.narg+1 < ESC_ARG_SIZ) {
                         csiescseq.narg++, p++;
                 } else {
_AT_@ -2116,7 +2121,8 @@ tputc(char *c, int len) {
                         if(BETWEEN(ascii, 0x40, 0x7E)
                                         || csiescseq.len >= ESC_BUF_SIZ) {
                                 term.esc = 0;
- csiparse(), csihandle();
+ csiparse();
+ csihandle();
                         }
                 } else if(term.esc & ESC_STR_END) {
                         term.esc = 0;
Received on Mon Feb 25 2013 - 13:26:33 CET