From: GNU Libc Maintainers Date: Sat, 30 Sep 2023 08:31:05 +0000 (+0100) Subject: local-nss-overflow X-Git-Tag: archive/raspbian/2.36-9+rpi1+deb12u3^2~16 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=c0eecdf55b434a54794afa18590dc56c17a33688;p=glibc.git local-nss-overflow 2009-01-12 Arthur Loiret nss/nss_files/files-parse.c: Include . (INT_FIELD): Convert field to uintmax_t and check for 32-bit overflow. (INT_FIELD_MAYBE_NULL): Likewise. Gbp-Pq: Topic any Gbp-Pq: Name local-nss-overflow.diff --- diff --git a/nss/nss_files/files-parse.c b/nss/nss_files/files-parse.c index c90e29380..ef955b427 100644 --- a/nss/nss_files/files-parse.c +++ b/nss/nss_files/files-parse.c @@ -21,6 +21,7 @@ #include #include #include +#include #include /* These symbols are defined by the including source file: @@ -156,7 +157,12 @@ strtou32 (const char *nptr, char **endptr, int base) # define INT_FIELD(variable, terminator_p, swallow, base, convert) \ { \ char *endp; \ - variable = convert (strtou32 (line, &endp, base)); \ + unsigned long long tmp; \ + /* Prevent from 32-bit overflow. */ \ + tmp = __strtoull_internal (line, &endp, base, 0); \ + if (tmp > UINT_MAX) \ + return 0; \ + variable = convert ((unsigned long int)tmp); \ if (endp == line) \ return 0; \ else if (terminator_p (*endp)) \ @@ -171,10 +177,15 @@ strtou32 (const char *nptr, char **endptr, int base) # define INT_FIELD_MAYBE_NULL(variable, terminator_p, swallow, base, convert, default) \ { \ char *endp; \ + unsigned long long tmp; \ if (*line == '\0') \ /* We expect some more input, so don't allow the string to end here. */ \ return 0; \ - variable = convert (strtou32 (line, &endp, base)); \ + /* Prevent from 32-bit overflow. */ \ + tmp = __strtoull_internal (line, &endp, base, 0); \ + if (tmp > UINT_MAX) \ + return 0; \ + variable = convert ((unsigned long int)tmp); \ if (endp == line) \ variable = default; \ if (terminator_p (*endp)) \