fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-22 10:00:30 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

tui: avoid integer overflow checking the range in NmtNewtEntryNumeric

Browse source 
strtoul() operates on "unsigned long" while NmtNewtEntryNumeric uses
"int".

strtoul() might indicate that the text is a valid "unsigned long",
however, then casting to "int" might lead to truncation of the number
and wrong range check.

Also, the type supposedly handles negative integers as well. Not with
strtoul().
This commit is contained in:
Thomas Haller 2017-09-04 14:36:36 +02:00
parent ccc2af0efb
commit 69ccbb7513
1 changed files with 2 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
clients/tui/newt/nmt-newt-entry-numeric.c
View file

@ -123,18 +123,12 @@ newt_entry_numeric_validate (NmtNewtEntry *entry,
{
NmtNewtEntryNumericPrivate *priv = NMT_NEWT_ENTRY_NUMERIC_GET_PRIVATE (entry);
int val;
char *end;
if (!*text)
return priv->optional ? TRUE : FALSE;
val = strtoul (text, &end, 10);
if (*end)
return FALSE;
if (val < priv->min || val > priv->max)
return FALSE;
return TRUE;
val = _nm_utils_ascii_str_to_int64 (text, 10, priv->min, priv->max, 0);
return val != 0 || errno == 0;
}
static void