diff options
| author | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2014-11-25 10:26:08 +0000 |
|---|---|---|
| committer | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2014-11-25 10:26:08 +0000 |
| commit | a9660085ddfa69baa30c39fbc6f2f380b97ea8d8 (patch) | |
| tree | 85c871b035d36f885c7010950cef96d4e617dbb4 /usr.bin/patch | |
| parent | 9a6bf60fe3df67f9d584f6355cb46e8a966d2898 (diff) | |
Introduce strtolinenum to properly check line numbers while parsing:
no signs, no spaces, just digits, 0 <= x <= LONG_MAX
ok millert, otto
Diffstat (limited to 'usr.bin/patch')
| -rw-r--r-- | usr.bin/patch/common.h | 4 | ||||
| -rw-r--r-- | usr.bin/patch/pch.c | 80 |
2 files changed, 51 insertions, 33 deletions
diff --git a/usr.bin/patch/common.h b/usr.bin/patch/common.h index 51649b1aad8..b20f6b21666 100644 --- a/usr.bin/patch/common.h +++ b/usr.bin/patch/common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: common.h,v 1.27 2014/11/22 15:49:28 tobias Exp $ */ +/* $OpenBSD: common.h,v 1.28 2014/11/25 10:26:07 tobias Exp $ */ /* * patch - a program to apply diffs to original files @@ -28,6 +28,7 @@ #include <sys/types.h> +#include <limits.h> #include <stdbool.h> #define DEBUGGING @@ -38,6 +39,7 @@ #define INITHUNKMAX 125 /* initial dynamic allocation size */ #define MAXLINELEN 8192 #define BUFFERSIZE 1024 +#define LINENUM_MAX LONG_MAX #define RCSSUFFIX ",v" #define CHECKOUT "co -l %s" diff --git a/usr.bin/patch/pch.c b/usr.bin/patch/pch.c index f35a6cfea0c..a8b841824b8 100644 --- a/usr.bin/patch/pch.c +++ b/usr.bin/patch/pch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pch.c,v 1.44 2014/11/22 15:49:28 tobias Exp $ */ +/* $OpenBSD: pch.c,v 1.45 2014/11/25 10:26:07 tobias Exp $ */ /* * patch - a program to apply diffs to original files @@ -76,6 +76,7 @@ static char *pgets(char *, int, FILE *); static char *best_name(const struct file_name *, bool); static char *posix_name(const struct file_name *, bool); static size_t num_components(const char *); +static LINENUM strtolinenum(char *, char **); /* * Prepare to look for the next patch in the patch file. @@ -340,7 +341,7 @@ intuit_diff_type(void) stars_this_line = strnEQ(s, "********", 8); if ((!diff_type || diff_type == CONTEXT_DIFF) && stars_last_line && strnEQ(s, "*** ", 4)) { - if (atol(s + 4) == 0) + if (strtolinenum(s + 4, &s) == 0) ok_to_create_file = true; /* * If this is a new context diff the character just @@ -577,15 +578,13 @@ another_hunk(void) malformed(); if (strnEQ(s, "0,0", 3)) memmove(s, s + 2, strlen(s + 2) + 1); - p_first = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_first = strtolinenum(s, &s); if (*s == ',') { for (; *s && !isdigit((unsigned char)*s); s++) ; if (!*s) malformed(); - p_ptrn_lines = ((LINENUM) atol(s)) - p_first + 1; + p_ptrn_lines = strtolinenum(s, &s) - p_first + 1; } else if (p_first) p_ptrn_lines = 1; else { @@ -645,15 +644,13 @@ another_hunk(void) ; if (!*s) malformed(); - p_newfirst = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_newfirst = strtolinenum(s, &s); if (*s == ',') { for (; *s && !isdigit((unsigned char)*s); s++) ; if (!*s) malformed(); - p_repl_lines = ((LINENUM) atol(s)) - + p_repl_lines = strtolinenum(s, &s) - p_newfirst + 1; } else if (p_newfirst) p_repl_lines = 1; @@ -853,26 +850,18 @@ hunk_done: s = buf + 4; if (!*s) malformed(); - p_first = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_first = strtolinenum(s, &s); if (*s == ',') { - p_ptrn_lines = (LINENUM) atol(++s); - while (isdigit((unsigned char)*s)) - s++; + p_ptrn_lines = strtolinenum(s + 1, &s); } else p_ptrn_lines = 1; if (*s == ' ') s++; if (*s != '+' || !*++s) malformed(); - p_newfirst = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_newfirst = strtolinenum(s, &s); if (*s == ',') { - p_repl_lines = (LINENUM) atol(++s); - while (isdigit((unsigned char)*s)) - s++; + p_repl_lines = strtolinenum(s + 1, &s); } else p_repl_lines = 1; if (*s == ' ') @@ -1018,23 +1007,17 @@ hunk_done: next_intuit_at(line_beginning, p_input_line); return false; } - p_first = (LINENUM) atol(buf); - for (s = buf; isdigit((unsigned char)*s); s++) - ; + p_first = strtolinenum(buf, &s); if (*s == ',') { - p_ptrn_lines = (LINENUM) atol(++s) - p_first + 1; - while (isdigit((unsigned char)*s)) - s++; + p_ptrn_lines = strtolinenum(s + 1, &s) - p_first + 1; } else p_ptrn_lines = (*s != 'a'); hunk_type = *s; if (hunk_type == 'a') p_first++; /* do append rather than insert */ - min = (LINENUM) atol(++s); - for (; isdigit((unsigned char)*s); s++) - ; + min = strtolinenum(s + 1, &s); if (*s == ',') - max = (LINENUM) atol(++s); + max = strtolinenum(s + 1, &s); else max = min; if (hunk_type == 'd') @@ -1547,3 +1530,36 @@ num_components(const char *path) } return n; } + +/* + * Convert number at NPTR into LINENUM and save address of first + * character that is not a digit in ENDPTR. If conversion is not + * possible, call fatal. + */ +static LINENUM +strtolinenum(char *nptr, char **endptr) +{ + LINENUM rv; + char c; + char *p; + const char *errstr; + + for (p = nptr; isdigit((unsigned char)*p); p++) + ; + + if (p == nptr) + malformed(); + + c = *p; + *p = '\0'; + + rv = strtonum(nptr, 0, LINENUM_MAX, &errstr); + if (errstr != NULL) + fatal("invalid line number at line %ld: `%s' is %s\n", + p_input_line, nptr, errstr); + + *p = c; + *endptr = p; + + return rv; +} |