[svn-commits] twilson: trunk r371400 - in /trunk: ./ main/config.c

SVN commits to the Digium repositories svn-commits at lists.digium.com
Thu Aug 16 18:08:46 CDT 2012 

Author: twilson
Date: Thu Aug 16 18:08:40 2012
New Revision: 371400

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=371400
Log:
Handle integer over/under-flow in ast_parse_args

The strtol family of functions will return *_MIN/*_MAX on overflow. To
detect when an overflow has happened, errno must be set to 0 before
calling the function, then checked afterward.

(closes issue ASTERISK-20120)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2073/
........

Merged revisions 371392 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 371398 from http://svn.asterisk.org/svn/asterisk/branches/10
........

Merged revisions 371399 from http://svn.asterisk.org/svn/asterisk/branches/11

Modified:
    trunk/   (props changed)
    trunk/main/config.c

Propchange: trunk/
------------------------------------------------------------------------------
--- branch-11-merged (original)
+++ branch-11-merged Thu Aug 16 18:08:40 2012
@@ -1,1 +1,1 @@
-/branches/11:1-371121,371143,371146,371200,371227,371258,371272,371295,371324,371355,371382,371395
+/branches/11:1-371121,371143,371146,371200,371227,371258,371272,371295,371324,371355,371382,371395,371399

Modified: trunk/main/config.c
URL: http://svnview.digium.com/svn/asterisk/trunk/main/config.c?view=diff&rev=371400&r1=371399&r2=371400
==============================================================================
--- trunk/main/config.c (original)
+++ trunk/main/config.c Thu Aug 16 18:08:40 2012
@@ -2827,8 +2827,9 @@
 			error = 1;
 			goto int32_done;
 		}
+		errno = 0;
 		x = strtol(arg, &endptr, 0);
-		if (*endptr || x < INT32_MIN || x > INT32_MAX) {
+		if (*endptr || errno || x < INT32_MIN || x > INT32_MAX) {
 			/* Parse error, or type out of int32_t bounds */
 			error = 1;
 			goto int32_done;
@@ -2881,8 +2882,9 @@
 			error = 1;
 			goto uint32_done;
 		}
+		errno = 0;
 		x = strtoul(arg, &endptr, 0);
-		if (*endptr || x > UINT32_MAX) {
+		if (*endptr || errno || x > UINT32_MAX) {
 			error = 1;
 			goto uint32_done;
 		}

More information about the svn-commits mailing list