17 files changed, 156 insertions, 82 deletions

diff --git a/usr.bin/calendar/calendar.c b/usr.bin/calendar/calendar.c
index 85c28be895d..fcab233ec86 100644
--- a/usr.bin/calendar/calendar.c
+++ b/usr.bin/calendar/calendar.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: calendar.c,v 1.30 2015/03/15 00:41:28 millert Exp $	*/
+/*	$OpenBSD: calendar.c,v 1.31 2015/04/18 18:28:37 deraadt Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993, 1994
@@ -41,6 +41,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include <time.h>
 #include <unistd.h>
 
@@ -68,6 +69,7 @@ int
 main(int argc, char *argv[])
 {
 	int ch;
+	const char *errstr;
 	char *caldir;
 
 	(void)setlocale(LC_ALL, "");
@@ -95,12 +97,16 @@ main(int argc, char *argv[])
 			break;
 
 		case 'A': /* days after current date */
-			f_dayAfter = atoi(optarg);
+			f_dayAfter = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-A %s: %s", optarg, errstr);
 			f_SetdayAfter = 1;
 			break;
 
 		case 'B': /* days before current date */
-			f_dayBefore = atoi(optarg);
+			f_dayBefore = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-B %s: %s", optarg, errstr);
 			break;
 
 		default:
diff --git a/usr.bin/calendar/io.c b/usr.bin/calendar/io.c
index d0a5e5847be..1e1950b2d30 100644
--- a/usr.bin/calendar/io.c
+++ b/usr.bin/calendar/io.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: io.c,v 1.38 2015/03/15 00:41:28 millert Exp $	*/
+/*	$OpenBSD: io.c,v 1.39 2015/04/18 18:28:37 deraadt Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993, 1994
@@ -281,12 +281,16 @@ getfield(char *p, char **endp, int *flags)
 			}
 		}
 		if (i > NUMEV) {
-			switch(*start) {
+			const char *errstr;
+
+			switch (*start) {
 			case '-':
 			case '+':
-				var = atoi(start);
-				if (var > 365 || var < -365)
+				var = strtonum(start + 1, 0, 365, &errstr);
+				if (errstr)
 					return (0); /* Someone is just being silly */
+				if (*start == '-')
+					var = -var;
 				val += (NUMEV + 1) * var;
 				/* We add one to the matching event and multiply by
 				 * (NUMEV + 1) so as not to return 0 if there's a match.
diff --git a/usr.bin/find/function.c b/usr.bin/find/function.c
index 6037db0b287..585ce2a1fed 100644
--- a/usr.bin/find/function.c
+++ b/usr.bin/find/function.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: function.c,v 1.43 2015/03/15 00:41:28 millert Exp $	*/
+/*	$OpenBSD: function.c,v 1.44 2015/04/18 18:28:37 deraadt Exp $	*/
 
 /*-
  * Copyright (c) 1990, 1993
@@ -883,8 +883,10 @@ c_group(char *gname, char ***ignored, int unused)
 
 	g = getgrnam(gname);
 	if (g == NULL) {
-		gid = atoi(gname);
-		if (gid == 0 && gname[0] != '0')
+		const char *errstr;
+
+		gid = strtonum(gname, 0, GID_MAX, &errstr);
+		if (errstr)
 			errx(1, "-group: %s: no such group", gname);
 	} else
 		gid = g->gr_gid;
@@ -1014,9 +1016,12 @@ PLAN *
 c_mindepth(char *arg, char ***ignored, int unused)
 {
 	PLAN *new;
+	const char *errstr = NULL;
 
 	new = palloc(N_MINDEPTH, f_mindepth);
-	new->min_data = atoi(arg);
+	new->min_data = strtonum(arg, 0, INT_MAX, &errstr);
+	if (errstr)
+		errx(1, "-mindepth: %s: value %s", arg, errstr);
 	return (new);
 }
 
@@ -1488,8 +1493,10 @@ c_user(char *username, char ***ignored, int unused)
 
 	p = getpwnam(username);
 	if (p == NULL) {
-		uid = atoi(username);
-		if (uid == 0 && username[0] != '0')
+		const char *errstr;
+
+		uid = strtonum(username, 0, UID_MAX, &errstr);
+		if (errstr)
 			errx(1, "-user: %s: no such user", username);
 	} else
 		uid = p->pw_uid;
diff --git a/usr.bin/ipcrm/ipcrm.c b/usr.bin/ipcrm/ipcrm.c
index aa11580cbf4..4f70c629848 100644
--- a/usr.bin/ipcrm/ipcrm.c
+++ b/usr.bin/ipcrm/ipcrm.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ipcrm.c,v 1.10 2005/12/19 19:13:50 millert Exp $*/
+/*	$OpenBSD: ipcrm.c,v 1.11 2015/04/18 18:28:37 deraadt Exp $*/
 
 /*
  * Copyright (c) 1994 Adam Glass
@@ -39,6 +39,7 @@
 #include <sys/shm.h>
 #include <stdio.h>
 #include <unistd.h>
+#include <limits.h>
 #include <stdlib.h>
 #include <ctype.h>
 #include <err.h>
@@ -112,6 +113,7 @@ int
 main(int argc, char *argv[])
 {
 	int c, result, errflg, target_id;
+	const char *errstr;
 	key_t target_key;
 
 	errflg = 0;
@@ -122,7 +124,9 @@ main(int argc, char *argv[])
 		case 'q':
 		case 'm':
 		case 's':
-			target_id = atoi(optarg);
+			target_id = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-%c %s: %s\n", c, optarg, &errstr);
 			if (c == 'q')
 				result = msgrm(0, target_id);
 			else if (c == 'm')
diff --git a/usr.bin/kdump/kdump.c b/usr.bin/kdump/kdump.c
index 45ebeeadde0..6fe9653bb99 100644
--- a/usr.bin/kdump/kdump.c
+++ b/usr.bin/kdump/kdump.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kdump.c,v 1.100 2015/04/17 06:33:30 guenther Exp $	*/
+/*	$OpenBSD: kdump.c,v 1.101 2015/04/18 18:28:37 deraadt Exp $	*/
 
 /*-
  * Copyright (c) 1988, 1993
@@ -170,6 +170,7 @@ main(int argc, char *argv[])
 	int ch, silent;
 	size_t ktrlen, size;
 	int trpoints = ALL_POINTS;
+	const char *errstr;
 	void *m;
 
 	def_emul = current = &emulations[0];	/* native */
@@ -193,13 +194,17 @@ main(int argc, char *argv[])
 			tail = 1;
 			break;
 		case 'm':
-			maxdata = atoi(optarg);
+			maxdata = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-m %s: %s", optarg, errstr);
 			break;
 		case 'n':
 			fancy = 0;
 			break;
 		case 'p':
-			pid_opt = atoi(optarg);
+			pid_opt = strtonum(optarg, 1, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-p %s: %s", optarg, errstr);
 			break;
 		case 'R':
 			timestamp = 2;	/* relative timestamp */
diff --git a/usr.bin/ktrace/ktrace.c b/usr.bin/ktrace/ktrace.c
index 178180822eb..94180ca769a 100644
--- a/usr.bin/ktrace/ktrace.c
+++ b/usr.bin/ktrace/ktrace.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ktrace.c,v 1.31 2015/01/16 06:40:09 deraadt Exp $	*/
+/*	$OpenBSD: ktrace.c,v 1.32 2015/04/18 18:28:37 deraadt Exp $	*/
 /*	$NetBSD: ktrace.c,v 1.4 1995/08/31 23:01:44 jtc Exp $	*/
 
 /*-
@@ -211,7 +211,9 @@ main(int argc, char *argv[])
 static int
 rpid(const char *p)
 {
+	const char *errstr;
 	static int first;
+	pid_t pid;
 
 	if (first++) {
 		warnx("only one -g or -p flag is permitted.");
@@ -221,7 +223,12 @@ rpid(const char *p)
 		warnx("illegal process id.");
 		usage();
 	}
-	return(atoi(p));
+	pid = strtonum(p, 1, INT_MAX, &errstr);
+	if (errstr) {
+		warnx("illegal process id: %s", errstr);
+		usage();
+	}
+	return pid;
 }
 
 static void
diff --git a/usr.bin/logger/logger.c b/usr.bin/logger/logger.c
index 9146d678419..41d6e1fc569 100644
--- a/usr.bin/logger/logger.c
+++ b/usr.bin/logger/logger.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: logger.c,v 1.13 2013/11/27 13:32:02 okan Exp $	*/
+/*	$OpenBSD: logger.c,v 1.14 2015/04/18 18:28:37 deraadt Exp $	*/
 /*	$NetBSD: logger.c,v 1.4 1994/12/22 06:27:00 jtc Exp $	*/
 
 /*
@@ -32,6 +32,7 @@
 
 #include <errno.h>
 #include <unistd.h>
+#include <limits.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <ctype.h>
@@ -155,10 +156,15 @@ pencode(char *s)
 int
 decode(char *name, CODE *codetab)
 {
+	int n;
 	CODE *c;
 
-	if (isdigit((unsigned char)*name))
-		return (atoi(name));
+	if (isdigit((unsigned char)*name)) {
+		const char *errstr;
+		int n = strtonum(name, 0, INT_MAX, &errstr);
+		if (!errstr)
+			return (n);
+	}
 
 	for (c = codetab; c->c_name; c++)
 		if (!strcasecmp(name, c->c_name))
diff --git a/usr.bin/make/generate.c b/usr.bin/make/generate.c
index 9e63e600877..a162e3ed1fb 100644
--- a/usr.bin/make/generate.c
+++ b/usr.bin/make/generate.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: generate.c,v 1.16 2014/05/18 08:08:50 espie Exp $ */
+/*	$OpenBSD: generate.c,v 1.17 2015/04/18 18:28:37 deraadt Exp $ */
 
 /*
  * Copyright (c) 2001 Marc Espie.
@@ -29,6 +29,7 @@
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <ohash.h>
 
 #include "stats.h"
@@ -137,6 +138,7 @@ main(int argc, char *argv[])
 	uint32_t v;
 	uint32_t h;
 	uint32_t slots;
+	const char *errstr;
 	const char *e;
 	char **occupied;
 	char **t;
@@ -146,11 +148,13 @@ main(int argc, char *argv[])
 	if (argc != 3)
 		exit(1);
 
-	tn = atoi(argv[1]);
-	if (!tn)
+	tn = strtonum(argv[1], 1, INT_MAX, &errstr);
+	if (errstr)
 		exit(1);
 	t = table[tn-1];
-	slots = atoi(argv[2]);
+	slots = strtonum(argv[2], 0, INT_MAX, &errstr);
+	if (errstr)
+		exit(1);
 	if (slots) {
 		occupied = calloc(slots, sizeof(char *));
 		if (!occupied)
diff --git a/usr.bin/sed/process.c b/usr.bin/sed/process.c
index 12385b844a4..aa7ea51d0c4 100644
--- a/usr.bin/sed/process.c
+++ b/usr.bin/sed/process.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: process.c,v 1.22 2015/04/13 05:11:23 deraadt Exp $	*/
+/*	$OpenBSD: process.c,v 1.23 2015/04/18 18:28:37 deraadt Exp $	*/
 
 /*-
  * Copyright (c) 1992 Diomidis Spinellis.
@@ -457,12 +457,14 @@ lputs(char *s)
 	static int termwidth = -1;
 
 	if (termwidth == -1) {
+		termwidth = 0;
 		if ((p = getenv("COLUMNS")))
-			termwidth = atoi(p);
-		else if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &win) == 0 &&
+			termwidth = strtonum(p, 0, INT_MAX, NULL);
+		if (termwidth == 0 &&
+		    ioctl(STDOUT_FILENO, TIOCGWINSZ, &win) == 0 &&
 		    win.ws_col > 0)
 			termwidth = win.ws_col;
-		else
+		if (termwidth == 0)
 			termwidth = 60;
 	}
 
diff --git a/usr.bin/skey/skey.c b/usr.bin/skey/skey.c
index 352e02356e3..a019f15c634 100644
--- a/usr.bin/skey/skey.c
+++ b/usr.bin/skey/skey.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: skey.c,v 1.27 2014/03/20 20:39:13 naddy Exp $	*/
+/*	$OpenBSD: skey.c,v 1.28 2015/04/18 18:28:38 deraadt Exp $	*/
 /*
  * OpenBSD S/Key (skey.c)
  *
@@ -27,6 +27,7 @@
 #include <string.h>
 #include <err.h>
 #include <unistd.h>
+#include <limits.h>
 #include <skey.h>
 
 void    usage(char *);
@@ -37,6 +38,7 @@ main(int argc, char *argv[])
 	int     n, i, cnt = 1, pass = 0, hexmode = 0;
 	char    passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
 	char	buf[33], *seed, *slash;
+	const char *errstr;
 
 	/* If we were called as otp-METHOD, set algorithm based on that */
 	if ((slash = strrchr(argv[0], '/')))
@@ -56,7 +58,9 @@ main(int argc, char *argv[])
 			case 'n':
 				if (++i == argc)
 					usage(argv[0]);
-				cnt = atoi(argv[i]);
+				cnt = strtonum(argv[i], 1, SKEY_MAX_SEQ -1, &errstr);
+				if (errstr)
+					usage(argv[0]);
 				break;
 			case 'p':
 				if (++i == argc)
@@ -96,19 +100,15 @@ main(int argc, char *argv[])
 		*slash++ = '\0';
 		seed = slash;
 
-		if ((n = atoi(argv[i])) < 0) {
-			warnx("%d not positive", n);
-			usage(argv[0]);
-		} else if (n > SKEY_MAX_SEQ) {
-			warnx("%d is larger than max (%d)", n, SKEY_MAX_SEQ);
+		n = strtonum(argv[i], 0, SKEY_MAX_SEQ, &errstr);
+		if (errstr) {
+			warnx("%s: %s", argv[i], errstr);
 			usage(argv[0]);
 		}
 	} else {
-		if ((n = atoi(argv[i])) < 0) {
-			warnx("%d not positive", n);
-			usage(argv[0]);
-		} else if (n > SKEY_MAX_SEQ) {
-			warnx("%d is larger than max (%d)", n, SKEY_MAX_SEQ);
+		n = strtonum(argv[i], 0, SKEY_MAX_SEQ, &errstr);
+		if (errstr) {
+			warnx("%s: %s", argv[i], errstr);
 			usage(argv[0]);
 		}
 		seed = argv[++i];
diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c
index 96698358826..abbba66c07e 100644
--- a/usr.bin/skeyinit/skeyinit.c
+++ b/usr.bin/skeyinit/skeyinit.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: skeyinit.c,v 1.56 2015/01/16 06:40:11 deraadt Exp $	*/
+/*	$OpenBSD: skeyinit.c,v 1.57 2015/04/18 18:28:38 deraadt Exp $	*/
 
 /* OpenBSD S/Key (skeyinit.c)
  *
@@ -52,6 +52,7 @@ main(int argc, char **argv)
 	char	seed[SKEY_MAX_SEED_LEN + 1];
 	char    buf[256], key[SKEY_BINKEY_SIZE], filename[PATH_MAX], *ht;
 	char    lastc, me[UT_NAMESIZE + 1], *p, *auth_type;
+	const char *errstr;
 	u_int32_t noise;
 	struct skey skey;
 	struct passwd *pp;
@@ -108,7 +109,8 @@ main(int argc, char **argv)
 			case 'n':
 				if (argv[++i] == NULL || argv[i][0] == '\0')
 					usage();
-				if ((n = atoi(argv[i])) < 1 || n >= SKEY_MAX_SEQ)
+				n = strtonum(argv[i], 1, SKEY_MAX_SEQ - 1, &errstr);
+				if (errstr)
 					errx(1, "count must be > 0 and < %d",
 					     SKEY_MAX_SEQ);
 				break;
@@ -324,6 +326,7 @@ secure_mode(int *count, char *key, char *seed, size_t seedlen,
     char *buf, size_t bufsiz)
 {
 	char *p, newseed[SKEY_MAX_SEED_LEN + 2];
+	const char *errstr;
 	int i, n;
 
 	(void)puts("You need the 6 words generated from the \"skey\" command.");
@@ -335,11 +338,11 @@ secure_mode(int *count, char *key, char *seed, size_t seedlen,
 		    SKEY_MAX_SEQ);
 		(void)fgets(buf, bufsiz, stdin);
 		clearerr(stdin);
-		n = atoi(buf);
-		if (n > 0 && n < SKEY_MAX_SEQ)
+		n = strtonum(buf, 1, SKEY_MAX_SEQ-1, &errstr);
+		if (!errstr)
 			break;	/* Valid range */
-		(void)fprintf(stderr, "ERROR: Count must be between 1 and %d\n",
-			     SKEY_MAX_SEQ);
+		fprintf(stderr, "ERROR: Count must be between 1 and %d\n",
+		    SKEY_MAX_SEQ - 1);
 	}
 
 	for (i = 0; ; i++) {
@@ -492,6 +495,7 @@ convert_db(void)
 	FILE *newfile;
 	char buf[256], *logname, *hashtype, *seed, *val, *cp;
 	char filename[PATH_MAX];
+	const char *errstr;
 	int fd, n;
 
 	if ((keyfile = fopen(_PATH_SKEYKEYS, "r")) == NULL)
@@ -516,7 +520,9 @@ convert_db(void)
 		hashtype = cp;
 		if ((cp = strtok(NULL, " \t")) == NULL)
 			continue;
-		n = atoi(cp);
+		n = strtonum(cp, 0, SKEY_MAX_SEQ, &errstr);
+		if (errstr)
+			continue;
 		if ((seed = strtok(NULL, " \t")) == NULL)
 			continue;
 		if ((val = strtok(NULL, " \t")) == NULL)
diff --git a/usr.bin/systat/main.c b/usr.bin/systat/main.c
index c61954ae643..692d022dfec 100644
--- a/usr.bin/systat/main.c
+++ b/usr.bin/systat/main.c
@@ -1,4 +1,4 @@
-/* $Id: main.c,v 1.62 2015/03/12 01:03:00 claudio Exp $	 */
+/* $Id: main.c,v 1.63 2015/04/18 18:28:38 deraadt Exp $	 */
 /*
  * Copyright (c) 2001, 2007 Can Erkin Acar
  * Copyright (c) 2001 Daniel Hartmeier
@@ -296,13 +296,12 @@ cmd_delay(const char *buf)
 void
 cmd_count(const char *buf)
 {
+	const char *errstr;
 	int ms;
-	ms = atoi(buf);
 
-	if (ms <= 0 || ms > lines - HEADER_LINES)
+	maxprint = strtonum(buf, 1, lines - HEADER_LINES, &errstr);
+	if (errstr)
 		maxprint = lines - HEADER_LINES;
-	else
-		maxprint = ms;
 }
 
 
@@ -380,6 +379,7 @@ int
 main(int argc, char *argv[])
 {
 	char errbuf[_POSIX2_LINE_MAX];
+	const char *errstr;
 	extern char *optarg;
 	extern int optind;
 	double delay = 5;
@@ -418,9 +418,9 @@ main(int argc, char *argv[])
 			interactive = 0;
 			break;
 		case 'd':
-			countmax = atoi(optarg);
-			if (countmax < 0)
-				countmax = 0;
+			countmax = strtonum(optarg, 1, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-d %s: %s", optarg, errstr);
 			break;
 		case 'i':
 			interactive = 1;
@@ -438,11 +438,9 @@ main(int argc, char *argv[])
 				delay = 5;
 			break;
 		case 'w':
-			rawwidth = atoi(optarg);
-			if (rawwidth < 1)
-				rawwidth = DEFAULT_WIDTH;
-			if (rawwidth >= MAX_LINE_BUF)
-				rawwidth = MAX_LINE_BUF - 1;
+			rawwidth = strtonum(optarg, 1, MAX_LINE_BUF-1, &errstr);
+			if (errstr)
+				errx(1, "-w %s: %s", optarg, errstr);
 			break;
 		default:
 			usage();
diff --git a/usr.bin/tip/tip.c b/usr.bin/tip/tip.c
index 98727ab64d1..6497828cc82 100644
--- a/usr.bin/tip/tip.c
+++ b/usr.bin/tip/tip.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tip.c,v 1.55 2015/02/07 10:07:15 deraadt Exp $	*/
+/*	$OpenBSD: tip.c,v 1.56 2015/04/18 18:28:38 deraadt Exp $	*/
 /*	$NetBSD: tip.c,v 1.13 1997/04/20 00:03:05 mellon Exp $	*/
 
 /*
@@ -50,6 +50,8 @@ int
 main(int argc, char *argv[])
 {
 	char *sys = NULL;
+	const char *errstr;
+	int baud;
 	int i, pair[2];
 
 	vinit();
@@ -81,7 +83,12 @@ main(int argc, char *argv[])
 
 		case '0': case '1': case '2': case '3': case '4':
 		case '5': case '6': case '7': case '8': case '9':
-			vsetnum(BAUDRATE, atoi(&argv[1][1]));
+			baud = strtonum(&argv[1][1], 0, INT_MAX, &errstr);
+			if (errstr) {
+				fprintf(stderr, "incorrect speed: %s\n", errstr);
+				exit(1);
+			}
+			vsetnum(BAUDRATE, baud);
 			break;
 
 		default:
diff --git a/usr.bin/unifdef/unifdef.c b/usr.bin/unifdef/unifdef.c
index 89df19740aa..fa751572814 100644
--- a/usr.bin/unifdef/unifdef.c
+++ b/usr.bin/unifdef/unifdef.c
@@ -47,7 +47,7 @@
 
 static const char copyright[] =
     #include "version.h"
-    "@(#) $Author: miod $\n"
+    "@(#) $Author: deraadt $\n"
     "@(#) $URL: http://dotat.at/prog/unifdef $\n"
 ;
 
@@ -252,6 +252,7 @@ static const char      *xstrdup(const char *, const char *);
 int
 main(int argc, char *argv[])
 {
+	const char *errstr;
 	int opt;
 
 	while ((opt = getopt(argc, argv, "i:D:U:f:I:M:o:x:bBcdehKklmnsStV")) != -1)
@@ -332,9 +333,9 @@ main(int argc, char *argv[])
 			version();
 			break;
 		case 'x':
-			exitmode = atoi(optarg);
-			if(exitmode < 0 || exitmode > 2)
-				usage();
+			exitmode = strtonum(optarg, 0, 2, &errstr);
+			if (errstr)
+				errx(1, "-x %s: %s", optarg, errstr);
 			break;
 		default:
 			usage();
diff --git a/usr.bin/vis/vis.c b/usr.bin/vis/vis.c
index b32ccef190d..fe40eed012d 100644
--- a/usr.bin/vis/vis.c
+++ b/usr.bin/vis/vis.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vis.c,v 1.16 2015/02/08 23:40:34 deraadt Exp $	*/
+/*	$OpenBSD: vis.c,v 1.17 2015/04/18 18:28:38 deraadt Exp $	*/
 /*	$NetBSD: vis.c,v 1.4 1994/12/20 16:13:03 jtc Exp $	*/
 
 /*-
@@ -34,6 +34,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <limits.h>
 #include <err.h>
 #include <vis.h>
 
@@ -50,6 +51,7 @@ __dead void usage(void);
 int
 main(int argc, char *argv[])
 {
+	const char *errstr;
 	FILE *fp;
 	int ch;
 
@@ -80,10 +82,11 @@ main(int argc, char *argv[])
 			eflags |= VIS_NOSLASH;
 			break;
 		case 'F':
-			if ((foldwidth = atoi(optarg))<5) {
+			foldwidth = strtonum(optarg, 1, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "%s: %s", optarg, errstr);
+			if (foldwidth < 5)
 				errx(1, "can't fold lines to less than 5 cols");
-				/* NOTREACHED */
-			}
 			/*FALLTHROUGH*/
 		case 'f':
 			fold = 1;	/* fold output lines to 80 cols */
diff --git a/usr.bin/vmstat/vmstat.c b/usr.bin/vmstat/vmstat.c
index dbaf096f05d..3ed634ed663 100644
--- a/usr.bin/vmstat/vmstat.c
+++ b/usr.bin/vmstat/vmstat.c
@@ -1,5 +1,5 @@
 /*	$NetBSD: vmstat.c,v 1.29.4.1 1996/06/05 00:21:05 cgd Exp $	*/
-/*	$OpenBSD: vmstat.c,v 1.137 2015/01/30 19:00:56 tedu Exp $	*/
+/*	$OpenBSD: vmstat.c,v 1.138 2015/04/18 18:28:38 deraadt Exp $	*/
 
 /*
  * Copyright (c) 1980, 1986, 1991, 1993
@@ -766,7 +766,13 @@ domem(void)
 		siz = sizeof(struct kmembuckets);
 		i = 0;
 		while ((ap = strsep(&bufp, ",")) != NULL) {
-			mib[3] = atoi(ap);
+			const char *errstr;
+
+			mib[3] = strtonum(ap, 0, INT_MAX, &errstr);
+			if (errstr) {
+				warnx("kernel lied about %d being a number", mib[3]);
+				return;
+			}
 
 			if (sysctl(mib, 4, &buckets[MINBUCKET + i], &siz,
 			    NULL, 0) < 0) {
diff --git a/usr.bin/xargs/xargs.c b/usr.bin/xargs/xargs.c
index dded1c6a11b..ed0ada5138a 100644
--- a/usr.bin/xargs/xargs.c
+++ b/usr.bin/xargs/xargs.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: xargs.c,v 1.28 2015/01/16 06:40:14 deraadt Exp $	*/
+/*	$OpenBSD: xargs.c,v 1.29 2015/04/18 18:28:38 deraadt Exp $	*/
 /*	$FreeBSD: xargs.c,v 1.51 2003/05/03 19:09:11 obrien Exp $	*/
 
 /*-
@@ -50,6 +50,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 
 #include "pathnames.h"
 
@@ -78,6 +79,7 @@ main(int argc, char *argv[])
 	int ch, Jflag, nargs, nflag, nline;
 	size_t linelen;
 	char *endptr;
+	const char *errstr;
 
 	inpline = replstr = NULL;
 	ep = environ;
@@ -125,19 +127,23 @@ main(int argc, char *argv[])
 			replstr = optarg;
 			break;
 		case 'L':
-			Lflag = atoi(optarg);
+			Lflag = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-L %s: %s", optarg, errstr);
 			break;
 		case 'n':
 			nflag = 1;
-			if ((nargs = atoi(optarg)) <= 0)
-				errx(1, "illegal argument count");
+			nargs = strtonum(optarg, 1, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-n %s: %s", optarg, errstr);
 			break;
 		case 'o':
 			oflag = 1;
 			break;
 		case 'P':
-			if ((maxprocs = atoi(optarg)) <= 0)
-				errx(1, "max. processes must be >0");
+			maxprocs = strtonum(optarg, 1, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-P %s: %s", optarg, errstr);
 			break;
 		case 'p':
 			pflag = 1;
@@ -151,7 +157,9 @@ main(int argc, char *argv[])
 				errx(1, "replacements must be a number");
 			break;
 		case 's':
-			nline = atoi(optarg);
+			nline = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "-s %s: %s", optarg, errstr);
 			break;
 		case 't':
 			tflag = 1;