From a717488db5cb5e337f2ff1357e6b6e04617217a1 Mon Sep 17 00:00:00 2001 From: Ray Lai Date: Wed, 1 Nov 2006 05:46:21 +0000 Subject: Fix range checking for in.dbsz and out.dbsz. Add range checking for cbsz. Change type in format string to %zd and cast SSIZE_MAX to ssize_t. Fixes PR 5278 submitted by malaler at gmail dot com. OK otto@ and millert@. --- bin/dd/args.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'bin/dd') diff --git a/bin/dd/args.c b/bin/dd/args.c index e12ef7efddd..3aef61e8735 100644 --- a/bin/dd/args.c +++ b/bin/dd/args.c @@ -1,4 +1,4 @@ -/* $OpenBSD: args.c,v 1.16 2006/03/22 18:08:04 dhill Exp $ */ +/* $OpenBSD: args.c,v 1.17 2006/11/01 05:46:20 ray Exp $ */ /* $NetBSD: args.c,v 1.7 1996/03/01 01:18:58 jtc Exp $ */ /*- @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)args.c 8.3 (Berkeley) 4/2/94"; #else -static char rcsid[] = "$OpenBSD: args.c,v 1.16 2006/03/22 18:08:04 dhill Exp $"; +static char rcsid[] = "$OpenBSD: args.c,v 1.17 2006/11/01 05:46:20 ray Exp $"; #endif #endif /* not lint */ @@ -171,8 +171,9 @@ jcl(char **argv) * Read and write take size_t's as arguments. Lseek, however, * takes an off_t (quad). */ - if (in.dbsz > SIZE_T_MAX || out.dbsz > SIZE_T_MAX) - errx(1, "buffer sizes cannot be greater than %u", SIZE_T_MAX); + if (cbsz > SSIZE_MAX || in.dbsz > SSIZE_MAX || out.dbsz > SSIZE_MAX) + errx(1, "buffer sizes cannot be greater than %zd", + (ssize_t)SSIZE_MAX); if (in.offset > QUAD_MAX / in.dbsz || out.offset > QUAD_MAX / out.dbsz) errx(1, "seek offsets cannot be larger than %qd", QUAD_MAX); } -- cgit v1.2.3