Date: Tue, 21 May 2013 19:56:03 +0000 (UTC) From: Eitan Adler <eadler@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r250882 - head/usr.bin/split Message-ID: <201305211956.r4LJu3mE034091@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eadler Date: Tue May 21 19:56:03 2013 New Revision: 250882 URL: http://svnweb.freebsd.org/changeset/base/250882 Log: Avoid signed overflow in error handling code. Reviewed by: cperciva, bjk Modified: head/usr.bin/split/split.c Modified: head/usr.bin/split/split.c ============================================================================== --- head/usr.bin/split/split.c Tue May 21 19:32:35 2013 (r250881) +++ head/usr.bin/split/split.c Tue May 21 19:56:03 2013 (r250882) @@ -379,8 +379,10 @@ newfile(void) /* maxfiles = pattlen^sufflen, but don't use libm. */ for (maxfiles = 1, i = 0; i < sufflen; i++) - if ((maxfiles *= pattlen) <= 0) + if (LONG_MAX / pattlen < maxfiles) errx(EX_USAGE, "suffix is too long (max %ld)", i); + else + maxfiles *= pattlen; if (fnum == maxfiles) errx(EX_DATAERR, "too many files");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201305211956.r4LJu3mE034091>