author | Todd C. Miller <millert@cvs.openbsd.org> | 2018-03-01 20:11:42 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2018-03-01 20:11:42 +0000 |
commit | 9af40203fb6b742a1a0bc0bb94e635bfd991cc9d (patch) | |
tree | 8da325e8a875ff01f79d3f106a2ac903eb6f05c8 /sbin/disklabel | |
parent | 87da88077e91166073f2e2c84935cef4c4d81977 (diff) |
Check for a negative value and overflow in getuint64() when performing
multiplication and division. Based on a diff from otto@.
OK otto@ krw@
Diffstat (limited to 'sbin/disklabel')
-rw-r--r-- | sbin/disklabel/editor.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/sbin/disklabel/editor.c b/sbin/disklabel/editor.c
index 278beb2f132..41bb1eeaec6 100644
--- a/sbin/disklabel/editor.c
+++ b/sbin/disklabel/editor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: editor.c,v 1.317 2018/03/01 15:47:54 krw Exp $ */
+/* $OpenBSD: editor.c,v 1.318 2018/03/01 20:11:41 millert Exp $ */
 /*
 * Copyright (c) 1997-2000 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -1212,18 +1212,23 @@ getuint64(struct disklabel *lp, char *prompt, char *helpstring,
 endptr = p;
 errno = 0;
 d = strtod(p, &endptr);
- if (errno == ERANGE)
+ if (errno == ERANGE || d < 0)
 rval = ULLONG_MAX; /* too big/small */
 else if (*endptr != '\0') {
 errno = EINVAL; /* non-numbers in str */
 rval = ULLONG_MAX;
 } else {
- /* XXX - should check for overflow */
 if (mult > 0)
- rval = d * mult * percent;
+ d = d * mult * percent;
 else
- /* Negative mult means divide (fancy) */
- rval = d / (-mult) * percent;
+ d = d / (-mult) * percent;
+
+ if (d < ULLONG_MAX - 1) {
+ rval = d;
+ } else {
+ errno = ERANGE;
+ rval = ULLONG_MAX;
+ }
 /* Range check then apply [+-] operator */
 if (operator == '+') { |
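Review bot: The bound in `if (d < ULLONG_MAX - 1)` is not the integer 2^64-2 it appears to be: the constant is converted to double for the comparison and, with IEEE doubles, typically rounds to 2^64, so the `- 1` has no effect. The check still keeps the following `rval = d` conversion in range, and NaN or infinity from strtod() fall into the ERANGE branch because the comparison is false for them, but none of that is visible from the line. A comment such as `/* compared as double: bound rounds to 2^64; NaN/inf fail the test and are rejected */` would record it. Separately, the new `d < 0` case returns ULLONG_MAX without setting errno, unlike the EINVAL and ERANGE branches beside it. If callers read errno to pick a message (not visible here), setting `errno = ERANGE;` for negative input would keep the three error paths consistent. getuint64() begins and ends outside this hunk.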