From owner-freebsd-security Tue May 13 15:35:31 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id PAA21492 for security-outgoing; Tue, 13 May 1997 15:35:31 -0700 (PDT) Received: from bsd.fs.bauing.th-darmstadt.de (bsd.fs.bauing.th-darmstadt.de [130.83.63.241]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA21485 for ; Tue, 13 May 1997 15:35:27 -0700 (PDT) Received: from campa.panke.de (anonymous216.ppp.cs.tu-berlin.de [130.149.17.216]) by bsd.fs.bauing.th-darmstadt.de (8.8.5/8.8.5) with ESMTP id AAA12927; Wed, 14 May 1997 00:35:13 +0200 (MET DST) Received: (from wosch@localhost) by campa.panke.de (8.8.5/8.6.12) id XAA00653; Tue, 13 May 1997 23:16:19 +0200 (MET DST) Date: Tue, 13 May 1997 23:16:19 +0200 (MET DST) Message-Id: <199705132116.XAA00653@campa.panke.de> From: Wolfram Schneider To: Bruce Evans Cc: wollman@khavrinen.lcs.mit.edu, freebsd-security@FreeBSD.ORG Subject: Re: Linux UID/GID 'Feature' In-Reply-To: <199705121615.CAA16319@godzilla.zeta.org.au> References: <199705121615.CAA16319@godzilla.zeta.org.au> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Bruce Evans writes: >>> id = atol(p); >>> + for(; *p != '\0'; p++) >>> + if (!isdigit(*p)) >>> + goto fmt; >>> + >> >>This is why you should never use atol(). Always, always, always use >>strtol(), and then you won't have these problems. Properly written to >>use strtol: strtol do more things which we dont want: man strtol The string may begin with an arbitrary amount of white space (as deter- mined by isspace(3)) followed by a single optional `+' or `-' sign. If base is zero or 16, the string may then include a `0x' prefix, and the number will be read in base 16; otherwise, a zero base is taken as 10 (decimal) unless the next character is `0', in which case it is taken as 8 (octal). >Another problem: isdigit(*p) is usually undefined if *p < 0. What does usually means? There is no warning in the isdigit manpage. Wolfram