local-nss-overflow

author GNU Libc Maintainers <debian-glibc@lists.debian.org>

Wed, 7 Feb 2024 18:25:17 +0000 (18:25 +0000)

committer Raspbian forward porter <root@raspbian.org>

Wed, 7 Feb 2024 18:25:17 +0000 (18:25 +0000)
author GNU Libc Maintainers <debian-glibc@lists.debian.org>
Wed, 7 Feb 2024 18:25:17 +0000 (18:25 +0000)
committer Raspbian forward porter <root@raspbian.org>
Wed, 7 Feb 2024 18:25:17 +0000 (18:25 +0000)
diff --git a/nss/nss_files/files-parse.c b/nss/nss_files/files-parse.c

index 632ba0a88082bf297d82cd99bc02d412b5a32ab8..b8c665f88d094c59ee5f0cc4db2b40c750d4b9a9 100644 (file)
--- a/nss/nss_files/files-parse.c
+++ b/nss/nss_files/files-parse.c
@@ -21,6 +21,7 @@
  #include <string.h>
  #include <stdlib.h>
  #include <stdint.h>
+#include <limits.h>
  #include <nss_files.h>
  
  /* These symbols are defined by the including source file:
@@ -156,7 +157,12 @@ strtou32 (const char *nptr, char **endptr, int base)
  # define INT_FIELD(variable, terminator_p, swallow, base, convert)           \
    {                                                                          \
      char *endp;                                                                      \
-    variable = convert (strtou32 (line, &endp, base));                       \
+    unsigned long long tmp;                                                  \
+    /* Prevent from 32-bit overflow.  */                                     \
+    tmp = __strtoull_internal (line, &endp, base, 0);                        \
+    if (tmp > UINT_MAX)                                                      \
+      return 0;                                                                      \
+    variable = convert ((unsigned long int)tmp);                             \
      if (endp == line)                                                        \
        return 0;                                                                      \
      else if (terminator_p (*endp))                                           \
@@ -171,10 +177,15 @@ strtou32 (const char *nptr, char **endptr, int base)
  # define INT_FIELD_MAYBE_NULL(variable, terminator_p, swallow, base, convert, default)       \
    {                                                                          \
      char *endp;                                                                      \
+    unsigned long long tmp;                                                  \
      if (*line == '\0')                                                       \
        /* We expect some more input, so don't allow the string to end here. */ \
        return 0;                                                                      \
-    variable = convert (strtou32 (line, &endp, base));                       \
+    /* Prevent from 32-bit overflow.  */                                     \
+    tmp = __strtoull_internal (line, &endp, base, 0);                \
+    if (tmp > UINT_MAX)                                                      \
+      return 0;                                                                      \
+    variable = convert ((unsigned long int)tmp);                             \
      if (endp == line)                                                        \
        variable = default;                                                    \
      if (terminator_p (*endp))                                                \
author	GNU Libc Maintainers <debian-glibc@lists.debian.org>
	Wed, 7 Feb 2024 18:25:17 +0000 (18:25 +0000)
committer	Raspbian forward porter <root@raspbian.org>
	Wed, 7 Feb 2024 18:25:17 +0000 (18:25 +0000)