Date:      Wed, 2 Jan 2019 20:49:41 +0000 (UTC)
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org
Subject:   svn commit: r342708 - in stable: 11/usr.bin/truss 12/usr.bin/truss
Message-ID:  <201901022049.x02Knfn0018046@repo.freebsd.org>

Author: jhb
Date: Wed Jan  2 20:49:41 2019
New Revision: 342708
URL: https://svnweb.freebsd.org/changeset/base/342708

Log:
  MFC 341802: Validate the string size parameter passed to -s.
  
  Use strtonum() to reject negative sizes instead of core dumping.
  
  PR:		232206

Modified:
  stable/12/usr.bin/truss/main.c
Directory Properties:
  stable/12/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/11/usr.bin/truss/main.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/12/usr.bin/truss/main.c
==============================================================================
--- stable/12/usr.bin/truss/main.c	Wed Jan  2 20:31:15 2019	(r342707)
+++ stable/12/usr.bin/truss/main.c	Wed Jan  2 20:49:41 2019	(r342708)
@@ -71,6 +71,7 @@ main(int ac, char **av)
 	struct trussinfo *trussinfo;
 	char *fname;
 	char **command;
+	const char *errstr;
 	pid_t pid;
 	int c;
 
@@ -118,7 +119,9 @@ main(int ac, char **av)
 			fname = optarg;
 			break;
 		case 's':	/* Specified string size */
-			trussinfo->strsize = atoi(optarg);
+			trussinfo->strsize = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(1, "maximum string size is %s: %s", errstr, optarg);
 			break;
 		case 'S':	/* Don't trace signals */
 			trussinfo->flags |= NOSIGS;
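
Review bot: the new strtonum() call in the 's' case depends on INT_MAX, but neither hunk adds an #include, so confirm that main.c includes <limits.h> directly and does not pick the macro up through another header. The lower bound passed is 0, so "-s 0" is still accepted; if a zero string size is not meaningful to the code that consumes trussinfo->strsize, the minimum should be 1. Two style points on the same lines: both the strtonum() assignment and the errx() call run past 80 columns at this indent depth and should be wrapped after a comma, and "if (errstr != NULL)" is the explicit pointer comparison that style(9) prefers over "if (errstr)".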
