git: 7cfffe25da3f - main - rtld: check for overflow in parse_integer()

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Mon, 30 Mar 2026 17:15:37 UTC 
The branch main has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=7cfffe25da3fbc2db4bcf073ff2d240f84233973

commit 7cfffe25da3fbc2db4bcf073ff2d240f84233973
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2026-03-29 22:45:13 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2026-03-30 16:56:52 +0000

    rtld: check for overflow in parse_integer()
    
    Reviewed by:    dim, emaste, markj
    Sponsored by:   The FreeBSD Foundation
    MFC after:      1 week
    Differential revision:  https://reviews.freebsd.org/D56151
---
 libexec/rtld-elf/rtld.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index e0de6d2e2214..1cf0d3e9ba28 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -6492,7 +6492,11 @@ parse_integer(const char *str)
 		if (c < '0' || c > '9')
 			return (-1);
 
+		if (n > INT_MAX / RADIX)
+			return (-1);
 		n *= RADIX;
+		if (n > INT_MAX - (c - '0'))
+			return (-1);
 		n += c - '0';
 	}