From 2d1a1aebbe00aad403002b15f90835aec1aa8ded Mon Sep 17 00:00:00 2001 From: cheloha Date: Mon, 5 Mar 2018 16:57:38 +0000 Subject: Stricter checking for skip1 and skip2. As we do elsewhere in the tree, make sure we (a) got a number at all, (b) that it doesn't have non-digits dangling off the end, (c) that it's positive, and (d) that it didn't overflow. ok tb@ --- usr.bin/cmp/cmp.c | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) (limited to 'usr.bin/cmp/cmp.c') diff --git a/usr.bin/cmp/cmp.c b/usr.bin/cmp/cmp.c index 3af0d0caa66..1634f58eecf 100644 --- a/usr.bin/cmp/cmp.c +++ b/usr.bin/cmp/cmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmp.c,v 1.17 2018/03/05 16:53:39 cheloha Exp $ */ +/* $OpenBSD: cmp.c,v 1.18 2018/03/05 16:57:37 cheloha Exp $ */ /* $NetBSD: cmp.c,v 1.7 1995/09/08 03:22:56 tls Exp $ */ /* @@ -34,7 +34,9 @@ #include #include +#include #include +#include #include #include #include @@ -44,6 +46,7 @@ int lflag, sflag; +static off_t get_skip(const char *, const char *); static void __dead usage(void); int @@ -98,8 +101,8 @@ main(int argc, char *argv[]) if (pledge("stdio", NULL) == -1) err(ERR_EXIT, "pledge"); - skip1 = argc > 2 ? strtoll(argv[2], NULL, 0) : 0; - skip2 = argc == 4 ? strtoll(argv[3], NULL, 0) : 0; + skip1 = (argc > 2) ? get_skip(argv[2], "skip1") : 0; + skip2 = (argc == 4) ? get_skip(argv[3], "skip2") : 0; if (!special) { if (fstat(fd1, &sb1) == -1) @@ -122,6 +125,23 @@ main(int argc, char *argv[]) return 0; } +static off_t +get_skip(const char *arg, const char *name) +{ + off_t skip; + char *ep; + + errno = 0; + skip = strtoll(arg, &ep, 0); + if (arg[0] == '\0' || *ep != '\0') + fatalx("%s is invalid: %s", name, arg); + if (skip < 0) + fatalx("%s is too small: %s", name, arg); + if (skip == LLONG_MAX && errno == ERANGE) + fatalx("%s is too large: %s", name, arg); + return skip; +} + static void __dead usage(void) { -- cgit v1.2.3