Ensure that the base provided to strtol(3) is between 2 and 36 inclusive,

or the special value of 0. ok deraadt@ otto@
author: jsing <> 2012-11-18 04:13:39 +0000
committer: jsing <> 2012-11-18 04:13:39 +0000
commit: fb121033420ff8f7793b3bcc2570ec82abc629bf (patch)
tree: b3cb85b4b83ca01c7a36a38344d627fb1e6f089f
parent: d7d7374e0c62e4c77272ff42edf07608a8565c1e (diff)
download: openbsd-fb121033420ff8f7793b3bcc2570ec82abc629bf.tar.gz
openbsd-fb121033420ff8f7793b3bcc2570ec82abc629bf.tar.bz2
openbsd-fb121033420ff8f7793b3bcc2570ec82abc629bf.zip
1 files changed, 12 insertions, 1 deletions
diff --git a/src/lib/libc/stdlib/strtol.c b/src/lib/libc/stdlib/strtol.c
index 5a244766db..745bc4c2ce 100644
--- a/src/lib/libc/stdlib/strtol.c
+++ b/src/lib/libc/stdlib/strtol.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: strtol.c,v 1.7 2005/08/08 08:05:37 espie Exp $ */
+/*      $OpenBSD: strtol.c,v 1.8 2012/11/18 04:13:39 jsing Exp $ */
 /*-
 * Copyright (c) 1990 The Regents of the University of California.
 * All rights reserved.
@@ -49,6 +49,17 @@ strtol(const char *nptr, char **endptr, int base)
        int neg, any, cutlim;
        /*
+         * Ensure that base is between 2 and 36 inclusive, or the special
+         * value of 0.
+         */
+        if (base != 0 && (base < 2 || base > 36)) {
+                if (endptr != 0)
+                        *endptr = nptr;
+                errno = EINVAL;
+                return 0;
+        }
+        /*
         * Skip white space and pick up leading +/- sign if any.
         * If base is 0, allow 0x for hex and 0 for octal, else
         * assume decimal; if base is already 16, allow 0x.
author	jsing <>	2012-11-18 04:13:39 +0000
committer	jsing <>	2012-11-18 04:13:39 +0000
commit	fb121033420ff8f7793b3bcc2570ec82abc629bf (patch)
tree	b3cb85b4b83ca01c7a36a38344d627fb1e6f089f
parent	d7d7374e0c62e4c77272ff42edf07608a8565c1e (diff)
download	openbsd-fb121033420ff8f7793b3bcc2570ec82abc629bf.tar.gz openbsd-fb121033420ff8f7793b3bcc2570ec82abc629bf.tar.bz2 openbsd-fb121033420ff8f7793b3bcc2570ec82abc629bf.zip

diff --git a/src/lib/libc/stdlib/strtol.c b/src/lib/libc/stdlib/strtol.c index 5a244766db..745bc4c2ce 100644 --- a/src/lib/libc/stdlib/strtol.c +++ b/src/lib/libc/stdlib/strtol.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: strtol.c,v 1.7 2005/08/08 08:05:37 espie Exp $ */	1	/* $OpenBSD: strtol.c,v 1.8 2012/11/18 04:13:39 jsing Exp $ */
2	/*-	2	/*-
3	* Copyright (c) 1990 The Regents of the University of California.	3	* Copyright (c) 1990 The Regents of the University of California.
4	* All rights reserved.	4	* All rights reserved.
@@ -49,6 +49,17 @@ strtol(const char nptr, char *endptr, int base)
49	int neg, any, cutlim;	49	int neg, any, cutlim;
50		50
51	/*	51	/*
		52	* Ensure that base is between 2 and 36 inclusive, or the special
		53	* value of 0.
		54	*/
		55	if (base != 0 && (base < 2 \|\| base > 36)) {
		56	if (endptr != 0)
		57	*endptr = nptr;
		58	errno = EINVAL;
		59	return 0;
		60	}
		61
		62	/*
52	* Skip white space and pick up leading +/- sign if any.	63	* Skip white space and pick up leading +/- sign if any.
53	* If base is 0, allow 0x for hex and 0 for octal, else	64	* If base is 0, allow 0x for hex and 0 for octal, else
54	* assume decimal; if base is already 16, allow 0x.	65	* assume decimal; if base is already 16, allow 0x.