aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKonstantin Belousov <kib@FreeBSD.org>2026-03-29 22:45:13 +0000
committerKonstantin Belousov <kib@FreeBSD.org>2026-03-30 16:56:52 +0000
commit7cfffe25da3fbc2db4bcf073ff2d240f84233973 (patch)
tree6b6dd285b17bb2540e9d609dd40b441123880a47
parenta1c042a9641c9df08010e87d0928703849ff9853 (diff)
rtld: check for overflow in parse_integer()
Reviewed by: dim, emaste, markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D56151
Diffstat
-rw-r--r--libexec/rtld-elf/rtld.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index e0de6d2e2214..1cf0d3e9ba28 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -6492,7 +6492,11 @@ parse_integer(const char *str)
if (c < '0' || c > '9')
return (-1);
+ if (n > INT_MAX / RADIX)
+ return (-1);
n *= RADIX;
+ if (n > INT_MAX - (c - '0'))
+ return (-1);
n += c - '0';
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-11 00:27:18 +0000