Date: Thu, 02 Apr 2026 02:17:09 +0000 From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 60b2eb959e8c - stable/15 - rtld: check for overflow in parse_integer() Message-ID: <69cdd1a5.34092.3a7df156@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/15 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=60b2eb959e8c7584d32fb1910a9eed5bdbc1a6e3 commit 60b2eb959e8c7584d32fb1910a9eed5bdbc1a6e3 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2026-03-29 22:45:13 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2026-04-02 02:13:50 +0000 rtld: check for overflow in parse_integer() (cherry picked from commit 7cfffe25da3fbc2db4bcf073ff2d240f84233973) --- libexec/rtld-elf/rtld.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index 0cdb09f10121..9e64d1bf8aee 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -6496,7 +6496,11 @@ parse_integer(const char *str) if (c < '0' || c > '9') return (-1); + if (n > INT_MAX / RADIX) + return (-1); n *= RADIX; + if (n > INT_MAX - (c - '0')) + return (-1); n += c - '0'; }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69cdd1a5.34092.3a7df156>