Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 25 Sep 2014 22:37:28 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r272144 - head/sbin/sysctl
Message-ID:  <201409252237.s8PMbScl041679@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: delphij
Date: Thu Sep 25 22:37:27 2014
New Revision: 272144
URL: http://svnweb.freebsd.org/changeset/base/272144

Log:
  The strtol(3) family of functions would set errno when it hits one.
  Check errno and handle it as invalid input.
  
  Obtained from:	HardenedBSD
  Submitted by:	David CARLIER <devnexen@gmail.com>
  MFC after:	2 weeks

Modified:
  head/sbin/sysctl/sysctl.c

Modified: head/sbin/sysctl/sysctl.c
==============================================================================
--- head/sbin/sysctl/sysctl.c	Thu Sep 25 22:22:57 2014	(r272143)
+++ head/sbin/sysctl/sysctl.c	Thu Sep 25 22:37:27 2014	(r272144)
@@ -305,7 +305,8 @@ parse(const char *string, int lineno)
  				} else {
 					intval = (int)strtol(newval, &endptr,
 					    0);
-					if (endptr == newval || *endptr != '\0') {
+					if (errno != 0 || endptr == newval ||
+						*endptr != '\0') {
 						warnx("invalid integer '%s'%s",
 						    (char *)newval, line);
 						return (1);
@@ -316,7 +317,8 @@ parse(const char *string, int lineno)
 				break;
 			case CTLTYPE_UINT:
 				uintval = (int) strtoul(newval, &endptr, 0);
-				if (endptr == newval || *endptr != '\0') {
+				if (errno != 0 || endptr == newval ||
+					*endptr != '\0') {
 					warnx("invalid unsigned integer '%s'%s",
 					    (char *)newval, line);
 					return (1);
@@ -326,7 +328,8 @@ parse(const char *string, int lineno)
 				break;
 			case CTLTYPE_LONG:
 				longval = strtol(newval, &endptr, 0);
-				if (endptr == newval || *endptr != '\0') {
+				if (errno != 0 || endptr == newval ||
+					*endptr != '\0') {
 					warnx("invalid long integer '%s'%s",
 					    (char *)newval, line);
 					return (1);
@@ -336,7 +339,8 @@ parse(const char *string, int lineno)
 				break;
 			case CTLTYPE_ULONG:
 				ulongval = strtoul(newval, &endptr, 0);
-				if (endptr == newval || *endptr != '\0') {
+				if (errno != 0 || endptr == newval ||
+					*endptr != '\0') {
 					warnx("invalid unsigned long integer"
 					    " '%s'%s", (char *)newval, line);
 					return (1);
@@ -348,7 +352,8 @@ parse(const char *string, int lineno)
 				break;
 			case CTLTYPE_S64:
 				i64val = strtoimax(newval, &endptr, 0);
-				if (endptr == newval || *endptr != '\0') {
+				if (errno != 0 || endptr == newval ||
+					*endptr != '\0') {
 					warnx("invalid int64_t '%s'%s",
 					    (char *)newval, line);
 					return (1);
@@ -358,7 +363,8 @@ parse(const char *string, int lineno)
 				break;
 			case CTLTYPE_U64:
 				u64val = strtoumax(newval, &endptr, 0);
-				if (endptr == newval || *endptr != '\0') {
+				if (errno != 0 || endptr == newval ||
+					*endptr != '\0') {
 					warnx("invalid uint64_t '%s'%s",
 					    (char *)newval, line);
 					return (1);
@@ -669,14 +675,16 @@ set_IK(const char *str, int *val)
 	p = &str[len - 1];
 	if (*p == 'C' || *p == 'F') {
 		temp = strtof(str, &endptr);
-		if (endptr == str || endptr != p)
+		if (errno != 0 || endptr == str ||
+			endptr != p)
 			return (0);
 		if (*p == 'F')
 			temp = (temp - 32) * 5 / 9;
 		kelv = temp * 10 + 2732;
 	} else {
 		kelv = (int)strtol(str, &endptr, 10);
-		if (endptr == str || *endptr != '\0')
+		if (errno != 0 || endptr == str ||
+			*endptr != '\0')
 			return (0);
 	}
 	*val = kelv;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201409252237.s8PMbScl041679>