strtoofft: reduce integer overflow risks globally

... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
author: Daniel Stenberg <daniel@haxx.se> 2017-08-14 23:33:23 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2017-08-14 23:33:41 +0200
commit: ff50fe0348466cae1a9f9f759b362c03f7060c34 (patch)
tree: 6a5a6efbe7bd7b00e49982e09a5da8f8341de28c /lib/ftplistparser.c
parent: b53b4e44241415c0a7ad857c72ec323109d2a7c0 (diff)
download: curl-ff50fe0348466cae1a9f9f759b362c03f7060c34.tar.gz
1 files changed, 14 insertions, 22 deletions
diff --git a/lib/ftplistparser.c b/lib/ftplistparser.c
index 2acce31d8..47fe1733b 100644
--- a/lib/ftplistparser.c
+++ b/lib/ftplistparser.c
@@ -609,16 +609,18 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
             char *p;
             curl_off_t fsize;
             finfo->b_data[parser->item_offset + parser->item_length - 1] = 0;
-            fsize = curlx_strtoofft(finfo->b_data+parser->item_offset, &p, 10);
-            if(p[0] == '\0' && fsize != CURL_OFF_T_MAX &&
-                               fsize != CURL_OFF_T_MIN) {
-              parser->file_data->info.flags |= CURLFINFOFLAG_KNOWN_SIZE;
-              parser->file_data->info.size = fsize;
+            if(!curlx_strtoofft(finfo->b_data+parser->item_offset,
+                                &p, 10, &fsize)) {
+              if(p[0] == '\0' && fsize != CURL_OFF_T_MAX &&
+                 fsize != CURL_OFF_T_MIN) {
+                parser->file_data->info.flags |= CURLFINFOFLAG_KNOWN_SIZE;
+                parser->file_data->info.size = fsize;
+              }
+              parser->item_length = 0;
+              parser->item_offset = 0;
+              parser->state.UNIX.main = PL_UNIX_TIME;
+              parser->state.UNIX.sub.time = PL_UNIX_TIME_PREPART1;
             }
-            parser->item_length = 0;
-            parser->item_offset = 0;
-            parser->state.UNIX.main = PL_UNIX_TIME;
-            parser->state.UNIX.sub.time = PL_UNIX_TIME_PREPART1;
           }
           else if(!ISDIGIT(c)) {
             PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
@@ -935,19 +937,9 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
             }
             else {
               char *endptr;
-              finfo->size = curlx_strtoofft(finfo->b_data +
-                                            parser->item_offset,
-                                            &endptr, 10);
-              if(!*endptr) {
-                if(finfo->size == CURL_OFF_T_MAX ||
-                   finfo->size == CURL_OFF_T_MIN) {
-                  if(errno == ERANGE) {
-                    PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
-                    return bufflen;
-                  }
-                }
-              }
-              else {
+              if(curlx_strtoofft(finfo->b_data +
+                                 parser->item_offset,
+                                 &endptr, 10, &finfo->size)) {
                 PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
                 return bufflen;
               }
author	Daniel Stenberg <daniel@haxx.se>	2017-08-14 23:33:23 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2017-08-14 23:33:41 +0200
commit	ff50fe0348466cae1a9f9f759b362c03f7060c34 (patch)
tree	6a5a6efbe7bd7b00e49982e09a5da8f8341de28c /lib/ftplistparser.c
parent	b53b4e44241415c0a7ad857c72ec323109d2a7c0 (diff)
download	curl-ff50fe0348466cae1a9f9f759b362c03f7060c34.tar.gz