aboutsummaryrefslogtreecommitdiff
path: root/bin
diff options
context:
space:
mode:
authorJilles Tjoelker <jilles@FreeBSD.org>2014-08-17 16:40:29 +0000
committerJilles Tjoelker <jilles@FreeBSD.org>2014-08-17 16:40:29 +0000
commitd53f7f64f7920dac7def57cd3dacf44efc784369 (patch)
tree8bc372a4d3854febe0b26f9ea973812a0638f56b /bin
parent1c9c6ea481b61cd3395066c749b60e77a4264a5c (diff)
downloadsrc-d53f7f64f7920dac7def57cd3dacf44efc784369.tar.gz
src-d53f7f64f7920dac7def57cd3dacf44efc784369.zip
sh: Reject integer overflow in number and is_number.
Notes
Notes: svn path=/head/; revision=270102
Diffstat (limited to 'bin')
-rw-r--r--bin/sh/mystring.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/bin/sh/mystring.c b/bin/sh/mystring.c
index 03ea8bac608c..19de78d9fd5d 100644
--- a/bin/sh/mystring.c
+++ b/bin/sh/mystring.c
@@ -82,9 +82,17 @@ number(const char *s)
int
is_number(const char *p)
{
- do {
- if (! is_digit(*p))
+ const char *q;
+
+ if (*p == '\0')
+ return 0;
+ while (*p == '0')
+ p++;
+ for (q = p; *q != '\0'; q++)
+ if (! is_digit(*q))
return 0;
- } while (*++p != '\0');
+ if (q - p > 10 ||
+ (q - p == 10 && memcmp(p, "2147483647", 10) > 0))
+ return 0;
return 1;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 11:14:19 +0000