Date: Sun, 17 Aug 2014 16:40:30 +0000 (UTC) From: Jilles Tjoelker <jilles@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r270102 - head/bin/sh Message-ID: <201408171640.s7HGeUut000858@svn.freebsd.org>
Author: jilles Date: Sun Aug 17 16:40:29 2014 New Revision: 270102 URL: http://svnweb.freebsd.org/changeset/base/270102 Log: sh: Reject integer overflow in number and is_number. Modified: head/bin/sh/mystring.c Modified: head/bin/sh/mystring.c ============================================================================== --- head/bin/sh/mystring.c Sun Aug 17 14:26:12 2014 (r270101) +++ head/bin/sh/mystring.c Sun Aug 17 16:40:29 2014 (r270102) @@ -82,9 +82,17 @@ number(const char *s) int is_number(const char *p) { - do { - if (! is_digit(*p)) + const char *q; + + if (*p == '\0') + return 0; + while (*p == '0') + p++; + for (q = p; *q != '\0'; q++) + if (! is_digit(*q)) return 0; - } while (*++p != '\0'); + if (q - p > 10 || + (q - p == 10 && memcmp(p, "2147483647", 10) > 0)) + return 0; return 1; }
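Review bot: the overflow bound in is_number is hard-coded as the 10-digit string "2147483647", which is only correct where int is 32 bits, and nothing in the hunk says so or enforces it. A short comment above the "q - p > 10" test stating that the literal is the decimal form of INT_MAX, plus a compile-time check that INT_MAX equals 2147483647 (or deriving the string and its length from INT_MAX), would keep the check from silently becoming wrong or overly strict on a platform with a different int width. It would also help to note in a comment that leading zeros are skipped before the length is measured, so an all-zero string ends up with q - p == 0 and is accepted as a number by design. The log message also names number(), but only is_number changes in the visible hunk, so a sentence in the log or a comment explaining that number() gets its overflow rejection through is_number would make that claim checkable.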