svn commit: r243076 - head/usr.sbin/chkgrp
Eitan Adler
eadler at freebsd.org
Thu Nov 15 16:26:43 UTC 2012
On 15 November 2012 10:30, Konstantin Belousov <kostikbel at gmail.com> wrote:
> On Thu, Nov 15, 2012 at 03:06:03PM +0000, Eitan Adler wrote:
>> Author: eadler
>> Date: Thu Nov 15 15:06:03 2012
>> New Revision: 243076
>> URL: http://svnweb.freebsd.org/changeset/base/243076
>>
>> Log:
>> Check the range of the gid
>>
>> Approved by: cperciva
>> MFC after: 1 week
>>
>> Modified:
>> head/usr.sbin/chkgrp/chkgrp.c
>>
>> Modified: head/usr.sbin/chkgrp/chkgrp.c
>> ==============================================================================
>> --- head/usr.sbin/chkgrp/chkgrp.c Thu Nov 15 15:06:00 2012 (r243075)
>> +++ head/usr.sbin/chkgrp/chkgrp.c Thu Nov 15 15:06:03 2012 (r243076)
>> @@ -30,7 +30,10 @@
>> __FBSDID("$FreeBSD$");
>>
>> #include <err.h>
>> +#include <errno.h>
>> #include <ctype.h>
>> +#include <limits.h>
>> +#include <stdint.h>
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <string.h>
>> @@ -150,6 +153,18 @@ main(int argc, char *argv[])
>> warnx("%s: line %d: GID is not numeric", gfn, n);
>> e++;
>> }
>> +
>> + /* check the range of the group id */
>> + errno = 0;
>> + unsigned long groupid = strtoul(f[2], NULL, 10);
> And this violates style.
> The checks for strtoul failure are not exhaustive.
from the strtoul man page:
====
... In all cases, errno is set to ERANGE.
If no conversion could be performed, 0 is returned and
the global variable errno is set to EINVAL (the last feature is not por-
table across all platforms).
===
What is missing? Is there a case where strtoul fails but errno == 0 ?
--
Eitan Adler
Source, Ports, Doc committer
Bugmeister, Ports Security teams
More information about the svn-src-all
mailing list