svn commit: r341802 - head/usr.bin/truss

John Baldwin jhb at FreeBSD.org
Mon Dec 10 21:47:20 UTC 2018


Author: jhb
Date: Mon Dec 10 21:47:19 2018
New Revision: 341802
URL: https://svnweb.freebsd.org/changeset/base/341802

Log:
  Validate the string size parameter passed to -s.
  
  Use strtonum() to reject negative sizes instead of core dumping.
  
  PR:		232206
  Submitted by:	David Carlier <devnexen at gmail.com>
  MFC after:	2 weeks
  Differential Revision:	https://reviews.freebsd.org/D17537

Modified:
  head/usr.bin/truss/main.c

Modified: head/usr.bin/truss/main.c
==============================================================================
--- head/usr.bin/truss/main.c	Mon Dec 10 21:33:01 2018	(r341801)
+++ head/usr.bin/truss/main.c	Mon Dec 10 21:47:19 2018	(r341802)
@@ -71,6 +71,7 @@ main(int ac, char **av)
 	struct trussinfo *trussinfo;
 	char *fname;
 	char **command;
+	const char *errstr;
 	pid_t pid;
 	int c;
 
@@ -118,7 +119,9 @@ main(int ac, char **av)
 			fname = optarg;
 			break;
 		case 's':	/* Specified string size */
-			trussinfo->strsize = atoi(optarg);
+			trussinfo->strsize = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "maximum string size is %s: %s", errstr, optarg);
 			break;
 		case 'S':	/* Don't trace signals */
 			trussinfo->flags |= NOSIGS;
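Review bot: The errx() format string in the 's' case, "maximum string size is %s: %s", reads awkwardly once strtonum() fills in errstr ("invalid", "too small" or "too large"), so a negative argument produces "maximum string size is too small: -1". Something like errx(1, "string size is %s: %s", errstr, optarg) would describe the rejected value rather than the maximum. Two smaller points on the same lines: the new code uses INT_MAX but no hunk in this patch adds an #include, so it is worth confirming that main.c already pulls in <limits.h>; and both the strtonum() assignment and the errx() call run past 80 columns at this indentation and could be wrapped.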

