fbt/sbase
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make strtol() parsing even stricter in parseoffset()

Browse Source 
Be strict about what we pass to it and how we handle errors.
The base-check is done by strtol anyway.
Also improve error-reporting.
This commit is contained in:
FRIGN 2015-09-30 20:05:14 +02:00 committed by sin
parent c514c580ec
commit 8be7c42863
1 changed files with 11 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
libutil/parseoffset.c
View File

@ -1,5 +1,6 @@
/* See LICENSE file for copyright and license details. */ /* See LICENSE file for copyright and license details. */
#include <ctype.h> #include <ctype.h>
#include <errno.h>
#include <inttypes.h> #include <inttypes.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
@ -9,25 +10,21 @@
off_t off_t
parseoffset(const char *str) parseoffset(const char *str)
{ {
off_t res; off_t res, scale = 1;
size_t scale = 1;
int base = 10;
char *end; char *end;
if (!str || !*str) { /* strictly check what strtol() usually would let pass */
weprintf("parseoffset: empty string\n"); if (!str || !*str || isspace(*str) || *str == '+' || *str == '-') {
weprintf("parseoffset %s: invalid value\n", str);
return -1; return -1;
} }
/* bases */ errno = 0;
if (!strncasecmp(str, "0x", strlen("0x"))) { res = strtol(str, &end, 0);
base = 16; if (errno) {
} else if (*str == '0') { weprintf("parseoffset %s: invalid value\n", str);
str++; return -1;
base = 8;
} }
res = strtol(str, &end, base);
if (res < 0) { if (res < 0) {
weprintf("parseoffset %s: negative value\n", str); weprintf("parseoffset %s: negative value\n", str);
return -1; return -1;
@ -49,7 +46,7 @@ parseoffset(const char *str)
scale = 1024L * 1024L * 1024L; scale = 1024L * 1024L * 1024L;
break; break;
default: default:
weprintf("parseoffset %s: invalid suffix\n", str); weprintf("parseoffset %s: invalid suffix '%s'\n", str, end);
return -1; return -1;
} }
} }