From: GNU Libc Maintainers Date: Fri, 26 Jan 2018 22:35:29 +0000 (+0000) Subject: local-nss-overflow X-Git-Tag: archive/raspbian/2.26-6+rpi1^2~18 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=e2ee071974622c2ddf93ebd0b68870c8c39a959e;p=glibc.git local-nss-overflow 2009-01-12 Arthur Loiret nss/nss_files/files-parse.c: Include . (INT_FIELD): Convert field to uintmax_t and check for 32-bit overflow. (INT_FIELD_MAYBE_NULL): Likewise. Gbp-Pq: Topic any Gbp-Pq: Name local-nss-overflow.diff --- diff --git a/nss/nss_files/files-parse.c b/nss/nss_files/files-parse.c index b31ff9e17..3664b502a 100644 --- a/nss/nss_files/files-parse.c +++ b/nss/nss_files/files-parse.c @@ -21,6 +21,7 @@ #include #include #include +#include /* These symbols are defined by the including source file: @@ -160,7 +161,12 @@ strtou32 (const char *nptr, char **endptr, int base) # define INT_FIELD(variable, terminator_p, swallow, base, convert) \ { \ char *endp; \ - variable = convert (strtou32 (line, &endp, base)); \ + unsigned long long tmp; \ + /* Prevent from 32-bit overflow. */ \ + tmp = __strtoull_internal (line, &endp, base, 0); \ + if (tmp > UINT_MAX) \ + return 0; \ + variable = convert ((unsigned long int)tmp); \ if (endp == line) \ return 0; \ else if (terminator_p (*endp)) \ @@ -175,10 +181,15 @@ strtou32 (const char *nptr, char **endptr, int base) # define INT_FIELD_MAYBE_NULL(variable, terminator_p, swallow, base, convert, default) \ { \ char *endp; \ + unsigned long long tmp; \ if (*line == '\0') \ /* We expect some more input, so don't allow the string to end here. */ \ return 0; \ - variable = convert (strtou32 (line, &endp, base)); \ + /* Prevent from 32-bit overflow. */ \ + tmp = __strtoull_internal (line, &endp, base, 0); \ + if (tmp > UINT_MAX) \ + return 0; \ + variable = convert ((unsigned long int)tmp); \ if (endp == line) \ variable = default; \ if (terminator_p (*endp)) \