From owner-freebsd-current@FreeBSD.ORG Fri Jul 26 08:17:14 2013 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F35A2636 for ; Fri, 26 Jul 2013 08:17:13 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-wi0-x22b.google.com (mail-wi0-x22b.google.com [IPv6:2a00:1450:400c:c05::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8DADD2BA0 for ; Fri, 26 Jul 2013 08:17:13 +0000 (UTC) Received: by mail-wi0-f171.google.com with SMTP id hj3so528779wib.4 for ; Fri, 26 Jul 2013 01:17:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=M4ANaU3NMWeAl2dfKLSCrDhIZjQkYQW7XWglsfYAes4=; b=tBSukjKCeVQfoVGtOQGj4+96Y3DIJLw4fd8E4P1UHXkPgrSOxZ5bzrna5L1AXVTGp3 Jn1x7g9w+OJi3TK+aF2nrWCw2prydeQfhgZIL3YTnCVvNxA/hYYtAPos/t2dG48tAeWJ yb0HaNrcSIXX1B8hw99wZ1K/V2Jut/F4T7bq6qUwrCGTffoTdPoetRjmYfS9y7BKiNgq In4IAyn6LF2tZzzzvMnvaty2/10o/t/Ofe0cDncZkoxffUyOpZLuSDW6Bn2Yk/cqJFZ7 J+X2l3VGZgQ+9/DUodN8b04zpMpIzN08wRMr0n5cTjd6IzFOYHZfgvLRG4tT4JkhV3iu faeA== MIME-Version: 1.0 X-Received: by 10.194.87.9 with SMTP id t9mr35277876wjz.39.1374826631974; Fri, 26 Jul 2013 01:17:11 -0700 (PDT) Received: by 10.216.82.70 with HTTP; Fri, 26 Jul 2013 01:17:11 -0700 (PDT) Date: Fri, 26 Jul 2013 12:17:11 +0400 Message-ID: Subject: [patch] expand_number(3): check strtoumax(3) for ERANGE From: Sergey Kandaurov To: FreeBSD Current Content-Type: text/plain; charset=ISO-8859-1 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jul 2013 08:17:14 -0000 Hi, As of now expand_number(3) does not properly check too large data. It currently handles errors only for prefixed values. (an argument is intentionally signed to be closer to the real buggish world, e.g. as it's currently done in truncate(1). This should not compile, though see bsd.sys.mk@169723). int64_t sz; if (expand_number(argv[1], &sz) < 0) err(1, "expand_number"); printf("%ld\n", sz); [pluknet@omg] ./expand_number 8000p 9007199254740992000 [pluknet@omg] ./expand_number 9000p -8313644912125935616 [pluknet@omg] ./expand_number 19000p expand_number: expand_number: Result too large [pluknet@omg] ./expand_number 0x7fffffffffffffff (INT64_MAX) 9223372036854775807 [pluknet@omg] ./expand_number 0xffffffffffffffff (UINT64_MAX) -1 But [pluknet@omg] ./expand_number 0xfffffffffffffffff (> UINT64_MAX) -1 (actually UINTMAX_MAX expressed as signed) This is how it should work: [pluknet@omg] ./expand_number 0xfffffffffffffffff (> UINT64_MAX) expand_number: expand_number: Result too large Index: lib/libutil/expand_number.c =================================================================== --- lib/libutil/expand_number.c (revision 253546) +++ lib/libutil/expand_number.c (working copy) @@ -55,6 +55,10 @@ number = strtoumax(buf, &endptr, 0); + if (number == UINTMAX_MAX && errno == ERANGE) { + return (-1); + } + if (endptr == buf) { /* No valid digits. */ errno = EINVAL; -- wbr, pluknet