Date: Wed, 14 May 1997 12:09:26 +1000 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, wosch@apfel.de Cc: freebsd-security@FreeBSD.ORG, wollman@khavrinen.lcs.mit.edu Subject: Re: Linux UID/GID 'Feature' Message-ID: <199705140209.MAA23416@godzilla.zeta.org.au>
index | next in thread | raw e-mail
>Bruce Evans writes: >>>> id = atol(p); >>>> + for(; *p != '\0'; p++) >>>> + if (!isdigit(*p)) >>>> + goto fmt; >>>> + >>> >>>This is why you should never use atol(). Always, always, always use >>>strtol(), and then you won't have these problems. Properly written to >>>use strtol: > >strtol do more things which we dont want: > >man strtol > The string may begin with an arbitrary amount of white space (as deter- > mined by isspace(3)) followed by a single optional `+' or `-' sign. If > base is zero or 16, the string may then include a `0x' prefix, and the > number will be read in base 16; otherwise, a zero base is taken as 10 > (decimal) unless the next character is `0', in which case it is taken as > 8 (octal). atol(p) is equivalent to strtol(p, (char **)NULL, 10). This may also do things that we don't want (it skips leading whit space and interprets signs). >>Another problem: isdigit(*p) is usually undefined if *p < 0. > >What does usually means? There is no warning in the isdigit manpage. Except when *p == EOF. The man page is deficient. So is ctype(3). ANSI ctype functions are only valid for args that are representable as an unsigned char or equal to EOF. Brucehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705140209.MAA23416>