[Libvir] detect overflow in string-to-int conversion

Jim Meyering jim at meyering.net
Wed Oct 24 13:52:22 UTC 2007


Hi,

Not a big deal, but it's better not to accept a bogus
"4294967297" and silently map it to "1".

	Don't accept an arbitrarily-long string of digits.
        * src/xml.c (parseNumber): Detect overflow.

diff --git a/src/xml.c b/src/xml.c
index 3e92040..5011dc2 100644
--- a/src/xml.c
+++ b/src/xml.c
@@ -1,7 +1,7 @@
 /*
  * xml.c: XML based interfaces for the libvir library
  *
- * Copyright (C) 2005 Red Hat, Inc.
+ * Copyright (C) 2005, 2007 Red Hat, Inc.
  *
  * See COPYING.LIB for the License of this software
  *
@@ -77,7 +77,7 @@ skipSpaces(const char **str) {
  *
  * Parse a number
  *
- * Returns the CPU number or -1 in case of error. @str will be
+ * Returns the unsigned number or -1 in case of error. @str will be
  *         updated to skip the number.
  */
 static int
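Review bot: The updated comment says the function returns "the unsigned number", but the return type on the following line is still "static int" and -1 remains the error value, so "non-negative number" would describe it more accurately. Since this patch turns values above INT_MAX into an error, the comment should say that too, for example: "Returns the parsed non-negative number, or -1 on error or if the value does not fit in an int."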
@@ -89,8 +89,11 @@ parseNumber(const char **str) {
         return(-1);
 
     while ((*cur >= '0') && (*cur <= '9')) {
-        ret = ret * 10 + (*cur - '0');
-	cur++;
+        unsigned int c = *cur - '0';
+        if (ret > INT_MAX / 10 || (ret == INT_MAX / 10 && c > INT_MAX % 10))
+            return(-1);
+        ret = ret * 10 + c;
+        cur++;
     }
     *str = cur;
     return(ret);
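Review bot: The new overflow branch in the while loop returns -1 before "*str = cur;" is reached, so on overflow @str is left unmodified, while the function comment says @str will be updated to skip the number. Please either document that @str is untouched on error or state which behaviour callers are meant to rely on. Separately, INT_MAX requires <limits.h>, and no hunk in this patch adds that include, so it is worth confirming that src/xml.c already includes it.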



