authorSwen Schillig <swen@linux.ibm.com>2019-01-30 08:33:02 +0100
committerJeremy Allison <jra@samba.org>2019-03-01 00:32:11 +0000
commite7b7c634e8bb5e9df5c523377458d880a6368ddc (patch)
tree3b1fb4e8a1118a5f62c86f9e10eb573ae086f58a
parentebeae5dcbad898e8ee0d64c4ed44751b753f27de (diff)
downloadsamba-e7b7c634e8bb5e9df5c523377458d880a6368ddc.tar.gz
common-lib: Use wrapper for string to integer conversion
In order to detect a value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper functions strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r--lib/ldb-samba/ldb_matching_rules.c23
-rw-r--r--lib/ldb-samba/ldif_handlers.c7
-rw-r--r--lib/param/loadparm.c24
-rw-r--r--lib/util/access.c7
-rw-r--r--lib/util/asn1.c17
-rw-r--r--lib/util/util_str.c10
6 files changed, 65 insertions, 23 deletions
diff --git a/lib/ldb-samba/ldb_matching_rules.c b/lib/ldb-samba/ldb_matching_rules.c
index 2aaaeb7450b..7387c12f10d 100644
--- a/lib/ldb-samba/ldb_matching_rules.c
+++ b/lib/ldb-samba/ldb_matching_rules.c
@@ -383,16 +383,22 @@ static int dsdb_match_for_dns_to_tombstone_time(struct ldb_context *ldb,
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
} else {
char *p = NULL;
+ int error = 0;
char s[value_to_match->length+1];
+
memcpy(s, value_to_match->data, value_to_match->length);
s[value_to_match->length] = 0;
if (s[0] == '\0' || s[0] == '-') {
DBG_ERR("Empty timestamp passed\n");
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
- tombstone_time = strtoull(s, &p, 10);
- if (p == NULL || p == s || *p != '\0' ||
- tombstone_time == ULLONG_MAX) {
+ tombstone_time = strtoull_err(s, &p, 10, &error);
+ if (p == NULL ||
+ p == s ||
+ *p != '\0' ||
+ error != 0 ||
+ tombstone_time == ULLONG_MAX)
+ {
DBG_ERR("Invalid timestamp string passed\n");
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
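Review bot: The `s[0] == '-'` guard ahead of the new `strtoull_err` call only catches a minus sign in the first byte, while strtoull skips leading whitespace and then accepts a sign, so a value such as " -2" converts to a very large number without setting errno. Unless strtoull_err itself rejects a sign (its definition is not in this diff), `error != 0` does not cover that case; requiring the first byte to be a digit before converting would, e.g. `if (!isdigit((unsigned char)s[0])) {` in place of the empty/minus test. The second hunk in this file (dsdb_match_for_expunge) has the same guard, and the conversions in lib/util/access.c and lib/util/util_str.c have no sign check at all. The enclosing function starts and ends outside the hunk.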
@@ -514,14 +520,21 @@ static int dsdb_match_for_expunge(struct ldb_context *ldb,
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
} else {
char *p = NULL;
+ int error = 0;
char s[value_to_match->length+1];
+
memcpy(s, value_to_match->data, value_to_match->length);
s[value_to_match->length] = 0;
if (s[0] == '\0' || s[0] == '-') {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
- tombstone_time = strtoull(s, &p, 10);
- if (p == NULL || p == s || *p != '\0' || tombstone_time == ULLONG_MAX) {
+ tombstone_time = strtoull_err(s, &p, 10, &error);
+ if (p == NULL ||
+ p == s ||
+ *p != '\0' ||
+ error != 0 ||
+ tombstone_time == ULLONG_MAX)
+ {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
}
diff --git a/lib/ldb-samba/ldif_handlers.c b/lib/ldb-samba/ldif_handlers.c
index ecc02e51c1d..d38cdd0c9a3 100644
--- a/lib/ldb-samba/ldif_handlers.c
+++ b/lib/ldb-samba/ldif_handlers.c
@@ -596,6 +596,8 @@ static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx,
line = string;
while (line && line[0]) {
+ int error = 0;
+
p=strchr(line, ';');
if (p) {
p[0] = '\0';
@@ -619,9 +621,10 @@ static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx,
return -1;
}
- blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = strtoul(line, &oid, 10);
+ blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix =
+ strtoul_err(line, &oid, 10, &error);
- if (oid[0] != ':') {
+ if (oid[0] != ':' || error != 0) {
talloc_free(tmp_ctx);
return -1;
}
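Review bot: An entry with no digits before the colon still passes the new check, because the conversion then consumes nothing and leaves `oid == line`, so a line that begins with `:` is accepted with id_prefix 0 unless the test that precedes this hunk already excludes it. The condition could reject that case as well: `if (oid == line || oid[0] != ':' || error != 0) {`. The assignment also narrows an unsigned long into id_prefix; if that field is 32 bits wide (its declaration is not in the hunk), values above UINT32_MAX would truncate on 64-bit builds without error being set. ldif_read_prefixMap continues outside the hunk.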
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 84c83ae91ec..9c7bf892835 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -331,13 +331,21 @@ int lp_int(const char *s)
*/
unsigned long lp_ulong(const char *s)
{
+ int error = 0;
+ unsigned long int ret;
if (!s || !*s) {
- DEBUG(0,("lp_ulong(%s): is called with NULL!\n",s));
+ DBG_DEBUG("lp_ulong(%s): is called with NULL!\n",s);
return -1;
}
- return strtoul(s, NULL, 0);
+ ret = strtoul_err(s, NULL, 0, &error);
+ if (error != 0) {
+ DBG_DEBUG("lp_ulong(%s): conversion failed\n",s);
+ return -1;
+ }
+
+ return ret;
}
/**
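Review bot: The new failure path in lp_ulong returns `-1` from a function declared `unsigned long`, so a failed conversion comes back as ULONG_MAX and a caller cannot tell it from a valid maximum; where the result is used as a limit or size, a malformed setting would yield the largest possible value. The comment above the function should say so, for example `Returns ULONG_MAX on NULL/empty input or on conversion error; callers must treat that value as invalid.` Because the end pointer is passed as `NULL`, a string with no digits or with trailing garbage still converts without an error. lp_ulonglong in the next hunk has the same three properties. Separately, the first DBG_DEBUG passes `s` to `%s` on the branch where `s` may be NULL.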
@@ -345,13 +353,21 @@ unsigned long lp_ulong(const char *s)
*/
unsigned long long lp_ulonglong(const char *s)
{
+ int error = 0;
+ unsigned long long int ret;
if (!s || !*s) {
- DEBUG(0, ("lp_ulonglong(%s): is called with NULL!\n", s));
+ DBG_DEBUG("lp_ulonglong(%s): is called with NULL!\n", s);
return -1;
}
- return strtoull(s, NULL, 0);
+ ret = strtoull_err(s, NULL, 0, &error);
+ if (error != 0) {
+ DBG_DEBUG("lp_ulonglong(%s): conversion failed\n",s);
+ return -1;
+ }
+
+ return ret;
}
/**
diff --git a/lib/util/access.c b/lib/util/access.c
index 7da0573a74d..a05a47c15b2 100644
--- a/lib/util/access.c
+++ b/lib/util/access.c
@@ -71,8 +71,11 @@ static bool masked_match(const char *tok, const char *slash, const char *s)
}
} else {
char *endp = NULL;
- unsigned long val = strtoul(slash+1, &endp, 0);
- if (slash+1 == endp || (endp && *endp != '\0')) {
+ int error = 0;
+ unsigned long val;
+
+ val = strtoul_err(slash+1, &endp, 0, &error);
+ if (slash+1 == endp || (endp && *endp != '\0') || error != 0) {
return false;
}
if (!make_netmask(&ss_mask, &ss_tok, val)) {
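Review bot: The mask length is still parsed with base 0 in `strtoul_err(slash+1, &endp, 0, &error)`, so `/010` is read as octal 8 and `/0x10` as hexadecimal 16, which is easy to misread in an address/mask match. If only decimal prefix lengths are intended, `val = strtoul_err(slash+1, &endp, 10, &error);` makes the accepted syntax explicit; this narrows what existing configurations may contain, so it needs confirming against the documented format. Whether make_netmask bounds `val` to the address family's bit length is not visible in this hunk. masked_match starts and ends outside the hunk.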
diff --git a/lib/util/asn1.c b/lib/util/asn1.c
index 60ddfa09bcf..affa8f1df91 100644
--- a/lib/util/asn1.c
+++ b/lib/util/asn1.c
@@ -273,15 +273,20 @@ bool ber_write_OID_String(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, const char *OID)
const char *p = (const char *)OID;
char *newp;
int i;
+ int error = 0;
if (!isdigit(*p)) return false;
- v = strtoul(p, &newp, 10);
- if (newp[0] != '.') return false;
+ v = strtoul_err(p, &newp, 10, &error);
+ if (newp[0] != '.' || error != 0) {
+ return false;
+ }
p = newp + 1;
if (!isdigit(*p)) return false;
- v2 = strtoul(p, &newp, 10);
- if (newp[0] != '.') return false;
+ v2 = strtoul_err(p, &newp, 10, &error);
+ if (newp[0] != '.' || error != 0) {
+ return false;
+ }
p = newp + 1;
/*the ber representation can't use more space than the string one */
@@ -293,8 +298,8 @@ bool ber_write_OID_String(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, const char *OID)
i = 1;
while (*p) {
if (!isdigit(*p)) return false;
- v = strtoul(p, &newp, 10);
- if (newp[0] == '.') {
+ v = strtoul_err(p, &newp, 10, &error);
+ if (newp[0] == '.' || error != 0) {
p = newp + 1;
/* check for empty last component */
if (!*p) return false;
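Review bot: In the while loop, `error != 0` is OR'd into the condition that selects the "separator found" branch, so a failed conversion does not return false but is handled as if a `.` followed the component. When the overflowing component is the last one, newp points at the terminating NUL, `p = newp + 1` moves past the end of the string, and the following `if (!*p)` reads beyond it. The error should be tested on its own before the separator check, `if (error != 0) return false;`, leaving the branch condition as `if (newp[0] == '.') {`. The loop body continues outside the hunk.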
diff --git a/lib/util/util_str.c b/lib/util/util_str.c
index c7d91ca3744..447919b087b 100644
--- a/lib/util/util_str.c
+++ b/lib/util/util_str.c
@@ -63,13 +63,14 @@ _PUBLIC_ bool conv_str_size_error(const char * str, uint64_t * val)
{
char * end = NULL;
unsigned long long lval;
+ int error = 0;
if (str == NULL || *str == '\0') {
return false;
}
- lval = strtoull(str, &end, 10 /* base */);
- if (end == NULL || end == str) {
+ lval = strtoull_err(str, &end, 10, &error);
+ if (end == NULL || end == str || error != 0) {
return false;
}
@@ -104,13 +105,14 @@ _PUBLIC_ bool conv_str_u64(const char * str, uint64_t * val)
{
char * end = NULL;
unsigned long long lval;
+ int error = 0;
if (str == NULL || *str == '\0') {
return false;
}
- lval = strtoull(str, &end, 10 /* base */);
- if (end == NULL || *end != '\0' || end == str) {
+ lval = strtoull_err(str, &end, 10, &error);
+ if (end == NULL || *end != '\0' || end == str || error != 0) {
return false;
}