From e7b7c634e8bb5e9df5c523377458d880a6368ddc Mon Sep 17 00:00:00 2001 From: Swen Schillig Date: Wed, 30 Jan 2019 08:33:02 +0100 Subject: common-lib: Use wrapper for string to integer conversion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison --- lib/ldb-samba/ldb_matching_rules.c | 23 ++++++++++++++++++----- lib/ldb-samba/ldif_handlers.c | 7 +++++-- 2 files changed, 23 insertions(+), 7 deletions(-) (limited to 'lib/ldb-samba') diff --git a/lib/ldb-samba/ldb_matching_rules.c b/lib/ldb-samba/ldb_matching_rules.c index 2aaaeb7450b..7387c12f10d 100644 --- a/lib/ldb-samba/ldb_matching_rules.c +++ b/lib/ldb-samba/ldb_matching_rules.c @@ -383,16 +383,22 @@ static int dsdb_match_for_dns_to_tombstone_time(struct ldb_context *ldb, return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } else { char *p = NULL; + int error = 0; char s[value_to_match->length+1]; + memcpy(s, value_to_match->data, value_to_match->length); s[value_to_match->length] = 0; if (s[0] == '\0' || s[0] == '-') { DBG_ERR("Empty timestamp passed\n"); return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } - tombstone_time = strtoull(s, &p, 10); - if (p == NULL || p == s || *p != '\0' || - tombstone_time == ULLONG_MAX) { + tombstone_time = strtoull_err(s, &p, 10, &error); + if (p == NULL || + p == s || + *p != '\0' || + error != 0 || + tombstone_time == ULLONG_MAX) + { DBG_ERR("Invalid timestamp string passed\n"); return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } @@ -514,14 +520,21 @@ static int dsdb_match_for_expunge(struct ldb_context *ldb, return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } else { char *p = NULL; + int error = 0; char s[value_to_match->length+1]; + memcpy(s, value_to_match->data, value_to_match->length); s[value_to_match->length] = 0; if (s[0] == '\0' || s[0] == '-') { return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } - tombstone_time = strtoull(s, &p, 10); - if (p == NULL || p == s || *p != '\0' || tombstone_time == ULLONG_MAX) { + tombstone_time = strtoull_err(s, &p, 10, &error); + if (p == NULL || + p == s || + *p != '\0' || + error != 0 || + tombstone_time == ULLONG_MAX) + { return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } } diff --git a/lib/ldb-samba/ldif_handlers.c b/lib/ldb-samba/ldif_handlers.c index ecc02e51c1d..d38cdd0c9a3 100644 --- a/lib/ldb-samba/ldif_handlers.c +++ b/lib/ldb-samba/ldif_handlers.c @@ -596,6 +596,8 @@ static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx, line = string; while (line && line[0]) { + int error = 0; + p=strchr(line, ';'); if (p) { p[0] = '\0'; @@ -619,9 +621,10 @@ static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx, return -1; } - blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = strtoul(line, &oid, 10); + blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = + strtoul_err(line, &oid, 10, &error); - if (oid[0] != ':') { + if (oid[0] != ':' || error != 0) { talloc_free(tmp_ctx); return -1; } -- cgit v1.2.1