From 0a199aba1829fff8571512d74a89b4b13ff57082 Mon Sep 17 00:00:00 2001 From: Joel Sing Date: Sun, 18 Nov 2012 04:13:40 +0000 Subject: Ensure that the base provided to strtol(3) is between 2 and 36 inclusive, or the special value of 0. ok deraadt@ otto@ --- lib/libc/stdlib/strtol.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'lib/libc/stdlib') diff --git a/lib/libc/stdlib/strtol.c b/lib/libc/stdlib/strtol.c index 5a244766db7..745bc4c2ce2 100644 --- a/lib/libc/stdlib/strtol.c +++ b/lib/libc/stdlib/strtol.c @@ -1,4 +1,4 @@ -/* $OpenBSD: strtol.c,v 1.7 2005/08/08 08:05:37 espie Exp $ */ +/* $OpenBSD: strtol.c,v 1.8 2012/11/18 04:13:39 jsing Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. * All rights reserved. @@ -48,6 +48,17 @@ strtol(const char *nptr, char **endptr, int base) int c; int neg, any, cutlim; + /* + * Ensure that base is between 2 and 36 inclusive, or the special + * value of 0. + */ + if (base != 0 && (base < 2 || base > 36)) { + if (endptr != 0) + *endptr = nptr; + errno = EINVAL; + return 0; + } + /* * Skip white space and pick up leading +/- sign if any. * If base is 0, allow 0x for hex and 0 for octal, else -- cgit v1.2.3