[hackers] [sbase] Make strtol() parsing even stricter in parseoffset() || FRIGN
commit 8be7c428636afe405ac6fe5fa1b09dbc9552bf75
Author: FRIGN <dev_AT_frign.de>
AuthorDate: Wed Sep 30 20:05:14 2015 +0200
Commit: sin <sin_AT_2f30.org>
CommitDate: Wed Sep 30 19:44:11 2015 +0100
Make strtol() parsing even stricter in parseoffset()
Be strict about what we pass to it and how we handle errors.
The base-check is done by strtol anyway.
Also improve error-reporting.
diff --git a/libutil/parseoffset.c b/libutil/parseoffset.c
index d12557f..37673da 100644
--- a/libutil/parseoffset.c
+++ b/libutil/parseoffset.c
_AT_@ -1,5 +1,6 @@
/* See LICENSE file for copyright and license details. */
#include <ctype.h>
+#include <errno.h>
#include <inttypes.h>
#include <stdlib.h>
#include <string.h>
_AT_@ -9,25 +10,21 @@
off_t
parseoffset(const char *str)
{
- off_t res;
- size_t scale = 1;
- int base = 10;
+ off_t res, scale = 1;
char *end;
- if (!str || !*str) {
- weprintf("parseoffset: empty string\n");
+ /* strictly check what strtol() usually would let pass */
+ if (!str || !*str || isspace(*str) || *str == '+' || *str == '-') {
+ weprintf("parseoffset %s: invalid value\n", str);
return -1;
}
- /* bases */
- if (!strncasecmp(str, "0x", strlen("0x"))) {
- base = 16;
- } else if (*str == '0') {
- str++;
- base = 8;
+ errno = 0;
+ res = strtol(str, &end, 0);
+ if (errno) {
+ weprintf("parseoffset %s: invalid value\n", str);
+ return -1;
}
-
- res = strtol(str, &end, base);
if (res < 0) {
weprintf("parseoffset %s: negative value\n", str);
return -1;
_AT_@ -49,7 +46,7 @@ parseoffset(const char *str)
scale = 1024L * 1024L * 1024L;
break;
default:
- weprintf("parseoffset %s: invalid suffix\n", str);
+ weprintf("parseoffset %s: invalid suffix '%s'\n", str, end);
return -1;
}
}
Received on Wed Sep 30 2015 - 20:44:19 CEST
This archive was generated by hypermail 2.3.0
: Wed Sep 30 2015 - 20:48:45 CEST