svn commit: r285985 - in head/usr.sbin/pw: . tests
Baptiste Daroussin
bapt at freebsd.org
Tue Jul 28 23:21:11 UTC 2015
On Wed, Jul 29, 2015 at 08:52:52AM +1000, Bruce Evans wrote:
> On Tue, 28 Jul 2015, Baptiste Daroussin wrote:
>
> > Log:
> > Check uid/gid used when creating a user/group are not larger than UID_MAX/GID_MAX
> >
> > PR: 173977
> > Reported by: nvass at gmx.com
>
> This is broken in a different way than before.
>
> > Modified: head/usr.sbin/pw/pw.c
> > ==============================================================================
> > --- head/usr.sbin/pw/pw.c Tue Jul 28 20:52:10 2015 (r285984)
> > +++ head/usr.sbin/pw/pw.c Tue Jul 28 21:10:58 2015 (r285985)
> > @@ -269,7 +269,7 @@ main(int argc, char *argv[])
> > }
> > if (strspn(optarg, "0123456789") != strlen(optarg))
> > errx(EX_USAGE, "-g expects a number");
> > - id = strtonum(optarg, 0, LONG_MAX, &errstr);
> > + id = strtonum(optarg, 0, GID_MAX, &errstr);
>
> `id' still has type long. The assignment overflows on 32-bit arches when
> the value exceeds 0x7fffffff. That is for half of all valid values. pw
> is broken in not supporting these values, but at least it detected them
> as errors in the previous version. Old versions implemented this bug
> using atoi() with no error checking.
So writting a function like strtonum like function with that prototype
intmax_t strtonumber(const char *, intmax_t min, intmax_t max, const char **);
and an unsigned equivalent
uintmax_t strtonumber(const char *, uintmax_t min, uintmax_t max, const char **);
would do the right thing?
Best regards,
Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20150729/b11d9a32/attachment.bin>
More information about the svn-src-head
mailing list