From 92de87f30c2fd25245e3e345633fe497665b5448 Mon Sep 17 00:00:00 2001
From: Roberto Ricci <rroberto2r@gmail.com>
Date: Sun, 11 Feb 2018 17:12:14 +0100
Subject: exit if conv. from string to double fails

atof(3), whose return value is undefined on error, is used to parse
command line arguments, leading to undefined beavior if something else
than a number is specified.
this patch uses strtod(3) and exits on error.

Signed-off-by: Roberto Ricci <rroberto2r@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
---
 xbacklight.c | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/xbacklight.c b/xbacklight.c
index 1d6d987..b7c8011 100644
--- a/xbacklight.c
+++ b/xbacklight.c
@@ -26,6 +26,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <errno.h>
 
 #include <xcb/xcb.h>
 #include <xcb/xcb_util.h>
@@ -59,6 +60,16 @@ usage (int exitcode)
     exit (exitcode);
 }
 
+static double
+atof_or_die (char *str)
+{
+    double retval;
+    errno = 0;
+    retval = strtod(str, NULL);
+    if (errno) usage(1);
+    return retval;
+}
+
 static void
 missing_arg (const char *option)
 {
@@ -150,39 +161,39 @@ main (int argc, char **argv)
 	{
 	    if (++i >= argc) missing_arg (argv[i-1]);
 	    op = Set;
-	    value = atof (argv[i]);
+	    value = atof_or_die (argv[i]);
 	    continue;
 	}
 	if (argv[i][0] == '=' && isdigit (argv[i][1]))
 	{
 	    op = Set;
-	    value = atof (argv[i] + 1);
+	    value = atof_or_die (argv[i] + 1);
 	    continue;
 	}
 	if (!strcmp (argv[i], "-inc") || !strcmp (argv[i], "+"))
 	{
 	    if (++i >= argc) missing_arg (argv[i-1]);
 	    op = Inc;
-	    value = atof (argv[i]);
+	    value = atof_or_die (argv[i]);
 	    continue;
 	}
 	if (argv[i][0] == '+' && isdigit (argv[i][1]))
 	{
 	    op = Inc;
-	    value = atof (argv[i] + 1);
+	    value = atof_or_die (argv[i] + 1);
 	    continue;
 	}
 	if (!strcmp (argv[i], "-dec") || !strcmp (argv[i], "-"))
 	{
 	    if (++i >= argc) missing_arg (argv[i-1]);
 	    op = Dec;
-	    value = atof (argv[i]);
+	    value = atof_or_die (argv[i]);
 	    continue;
 	}
 	if (argv[i][0] == '-' && isdigit (argv[i][1]))
 	{
 	    op = Dec;
-	    value = atof (argv[i] + 1);
+	    value = atof_or_die (argv[i] + 1);
 	    continue;
 	}
 	if (!strcmp (argv[i], "-get") || !strcmp (argv[i], "-g"))
-- 
cgit v1.2.3