Date: Sat, 11 Jul 2020 17:10:16 +0000 (UTC) From: Mark Johnston <markj@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r363102 - head/sbin/ping Message-ID: <202007111710.06BHAGc1098946@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: markj Date: Sat Jul 11 17:10:16 2020 New Revision: 363102 URL: https://svnweb.freebsd.org/changeset/base/363102 Log: ping(8): Check for integer truncation when handling the value for -s. PR: 239976 Submitted by: Neeraj <neerajpal09@gmail.com> MFC after: 1 week Event: July 2020 Bugathon Modified: head/sbin/ping/ping.c Modified: head/sbin/ping/ping.c ============================================================================== --- head/sbin/ping/ping.c Sat Jul 11 17:06:48 2020 (r363101) +++ head/sbin/ping/ping.c Sat Jul 11 17:10:16 2020 (r363102) @@ -478,7 +478,7 @@ main(int argc, char *const *argv) break; case 's': /* size of packet to send */ ltmp = strtol(optarg, &ep, 0); - if (*ep || ep == optarg || ltmp < 0) + if (*ep || ep == optarg || ltmp > INT_MAX || ltmp < 0) errx(EX_USAGE, "invalid packet size: `%s'", optarg); if (uid != 0 && ltmp > DEFDATALEN) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202007111710.06BHAGc1098946>