diff options
| author | Eric Koegel <eric.koegel@gmail.com> | 2014-09-16 20:27:52 +0300 |
|---|---|---|
| committer | Eric Koegel <eric.koegel@gmail.com> | 2014-09-22 09:18:43 +0300 |
| commit | a3a4725ef4d63034981b0915194930bfb8d274f1 (patch) | |
| tree | 053f6e136e2171622a587ab9be02f1205fb38e02 | |
| parent | a35307fac4c16c4c5d1640e10bbe9769a0bfd262 (diff) | |
| download | xfce4-session-a3a4725ef4d63034981b0915194930bfb8d274f1.tar.gz | |
atoi (argv[2]) is unsafe
Passing argv command line arguments directly into atoi is unsafe.
Use strtol and check/sanatize what it returns.
| -rw-r--r-- | engines/mice/generate.c | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/engines/mice/generate.c b/engines/mice/generate.c index c2870fa6..9645290c 100644 --- a/engines/mice/generate.c +++ b/engines/mice/generate.c @@ -28,6 +28,9 @@ #include <stdlib.h> #endif +#include <limits.h> +#include <errno.h> + #include <gtk/gtk.h> @@ -77,6 +80,7 @@ int main (int argc, char **argv) { GdkPixbuf *base; GdkPixbuf *result; + glong val; gtk_init (&argc, &argv); @@ -93,7 +97,23 @@ int main (int argc, char **argv) return EXIT_FAILURE; } - result = create_slide (base, atoi (argv[2])); + val = strtol (argv[2], NULL, 10); + + /* Error checking for untrusted input */ + if ((errno == ERANGE && (val == LONG_MAX || val == LONG_MIN)) || (errno != 0 && val == 0)) + { + perror("strtol"); + exit(EXIT_FAILURE); + } + + /* Sanity checks */ + if (val > INT_MAX) + val = INT_MAX; + + if (val < 0) + val = 0; + + result = create_slide (base, val); gdk_pixbuf_save (result, "slide.png", "png", NULL, NULL); |