Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 15 Nov 2012 20:59:58 +0200
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Eitan Adler <eadler@freebsd.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Bruce Evans <brde@optusnet.com.au>
Subject:   Re: svn commit: r243076 - head/usr.sbin/chkgrp
Message-ID:  <20121115185958.GG73505@kib.kiev.ua>
In-Reply-To: <CAF6rxgkvh_QEw5o3-8rznkEQMvQHY=ngYVM-7HQ11jHwX2vZ=w@mail.gmail.com>
References:  <201211151506.qAFF63v0003848@svn.freebsd.org> <20121115153030.GD73505@kib.kiev.ua> <CAF6rxgk9w0_Qwo=92g-OSe5imvupG8qg7DzpCS9UVxzwMjn20g@mail.gmail.com> <20121116032851.I44199@besplex.bde.org> <CAF6rxgkvh_QEw5o3-8rznkEQMvQHY=ngYVM-7HQ11jHwX2vZ=w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--WGeo2zNsisDTqWWq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Nov 15, 2012 at 01:52:46PM -0500, Eitan Adler wrote:
> On 15 November 2012 11:52, Bruce Evans <brde@optusnet.com.au> wrote:
> > strtoul("1garbage", NULL, 10) succeeds and returns value 1, but the inp=
ut
> > is garbage.
>=20
> This case is covered earlier
> 160         /* check that the GID is numeric */
> 161         if (strspn(f[2], "0123456789") !=3D strlen(f[2])) {
> 162             warnx("%s: line %d: GID is not numeric", gfn, n);
So this code shall be removed, if you are introducing strtoul() to check
for errors at all.

>=20
> > As the man page says, the EINVAL feature is unportable.  It is almost
> > useless, since to detect garbage after the number you have to pass an
> > endptr to strtoul(), and then the check for no conversion (that is,
> > for garbage at the beginning) is just as easy as the check for garbage
> > at the end.
>=20
> This patch doesn't care about EINVAL or ERANGE. It just cares strtoul
> returned an error.
> I even considered just ignoring the error case because the data is
> mostly sanity checked prior.
>=20
>=20
> --=20
> Eitan Adler
> Source, Ports, Doc committer
> Bugmeister, Ports Security teams

--WGeo2zNsisDTqWWq
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)

iEYEARECAAYFAlClO6wACgkQC3+MBN1Mb4j68gCcCkKuzH+Duqtd6L47zhlq7OUB
WdUAn2R7YHYJDcDMK9t6C588f1KRr4+S
=iJkd
-----END PGP SIGNATURE-----

--WGeo2zNsisDTqWWq--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121115185958.GG73505>