From 82e40d211902d486d2871a1bc691d1768927efd5 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Sat, 18 Apr 2015 18:28:39 +0000 Subject: Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert --- sbin/quotacheck/quotacheck.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'sbin/quotacheck/quotacheck.c') diff --git a/sbin/quotacheck/quotacheck.c b/sbin/quotacheck/quotacheck.c index 8b1966287fb..bbf4e0fbe85 100644 --- a/sbin/quotacheck/quotacheck.c +++ b/sbin/quotacheck/quotacheck.c @@ -1,4 +1,4 @@ -/* $OpenBSD: quotacheck.c,v 1.37 2015/02/07 02:09:14 deraadt Exp $ */ +/* $OpenBSD: quotacheck.c,v 1.38 2015/04/18 18:28:37 deraadt Exp $ */ /* $NetBSD: quotacheck.c,v 1.12 1996/03/30 22:34:25 mark Exp $ */ /* @@ -136,6 +136,7 @@ main(int argc, char *argv[]) struct quotaname *auxdata; int i, argnum, maxrun, errs, ch; u_int64_t done = 0; /* XXX supports maximum 64 filesystems */ + const char *errstr; char *name; errs = maxrun = 0; @@ -151,7 +152,9 @@ main(int argc, char *argv[]) gflag = 1; break; case 'l': - maxrun = atoi(optarg); + maxrun = strtonum(optarg, 0, INT_MAX, &errstr); + if (errstr) + errx(1, "-l %s: %s", optarg, errstr); break; case 'u': uflag = 1; -- cgit v1.2.3