Discussion:
Added restriction on base value
Aditya Upadhyay
2018-08-12 14:09:51 UTC
Permalink
Hi,

This is a patch to restrict the base value for strtoimax. It is my mistake that I had
ported this code from FreeBSD during GSoC2017.Now I came to realise this mistake
while making a testsuite for this method. Now I have fixed that issue. I
request you to please review the code and apply this patch.

Thanks,
Aditya Upadhyay
Aditya Upadhyay
2018-08-12 14:09:52 UTC
Permalink
---
newlib/libc/stdlib/strtoimax.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/newlib/libc/stdlib/strtoimax.c b/newlib/libc/stdlib/strtoimax.c
index 6901612..c3f27df 100644
--- a/newlib/libc/stdlib/strtoimax.c
+++ b/newlib/libc/stdlib/strtoimax.c
@@ -91,6 +91,9 @@ _strtoimax_l(struct _reent *rptr, const char * __restrict nptr,
if (base == 0)
base = c == '0' ? 8 : 10;

+ if (base < 2 || base > 36)
+ goto noconv;
+
/*
* Compute the cutoff value between legal numbers and illegal
* numbers. That is the largest legal value, divided by the
@@ -135,6 +138,7 @@ _strtoimax_l(struct _reent *rptr, const char * __restrict nptr,
acc = neg ? INTMAX_MIN : INTMAX_MAX;
rptr->_errno = ERANGE;
} else if (!any) {
+noconv:
rptr->_errno = EINVAL;
} else if (neg)
acc = -acc;
--
2.7.4
Corinna Vinschen
2018-08-13 07:45:13 UTC
Permalink
Post by Aditya Upadhyay
---
newlib/libc/stdlib/strtoimax.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/newlib/libc/stdlib/strtoimax.c b/newlib/libc/stdlib/strtoimax.c
index 6901612..c3f27df 100644
--- a/newlib/libc/stdlib/strtoimax.c
+++ b/newlib/libc/stdlib/strtoimax.c
@@ -91,6 +91,9 @@ _strtoimax_l(struct _reent *rptr, const char * __restrict nptr,
if (base == 0)
base = c == '0' ? 8 : 10;
+ if (base < 2 || base > 36)
+ goto noconv;
+
/*
* Compute the cutoff value between legal numbers and illegal
* numbers. That is the largest legal value, divided by the
@@ -135,6 +138,7 @@ _strtoimax_l(struct _reent *rptr, const char * __restrict nptr,
acc = neg ? INTMAX_MIN : INTMAX_MAX;
rptr->_errno = ERANGE;
} else if (!any) {
rptr->_errno = EINVAL;
} else if (neg)
acc = -acc;
--
2.7.4
Pushed.


Thanks,
Corinna
--
Corinna Vinschen
Cygwin Maintainer
Red Hat
Loading...