[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: system/3640: installboot dumps core when given a non numeric argument to -s parameter

To: bugs_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org
Subject: Re: system/3640: installboot dumps core when given a non numeric argument to -s parameter
From: Pedro Martelletto <pbastos_(_at_)_rdc_(_dot_)_puc-rio_(_dot_)_br>
Date: Tue, 20 Jan 2004 15:10:32 -0200

Here's a more correct diff. I guess the same applies to alpha's and
sparcs's installboots (by the way, why is alpha's installboot in
alpha/stand and not in alpha/stand/installboot ?) but as I don't have
the appropriate hardware to test, I find better not to meddle with it...

-p.

On Tue, Jan 20, 2004 at 05:25:02AM -0700, Pedro Martelletto wrote:
> The following reply was made to PR system/3640; it has been noted by GNATS.
> 
> From: Pedro Martelletto <pbastos_(_at_)_rdc_(_dot_)_puc-rio_(_dot_)_br>
> To: lsalle_(_at_)_taciturne_(_dot_)_net
> Cc: gnats_(_at_)_openbsd_(_dot_)_org
> Subject: Re: system/3640: installboot dumps core when given a non numeric argument to -s parameter
> Date: Tue, 20 Jan 2004 10:12:40 -0200
> 
>  This is happening because an unchecked atoi() is returning 0, a value
>  that later on the program uses to divide another number by, then causing
>  the floating point exception. The best way to handle that would be using
>  one of strtol/strtoul() and checking for {under,over}flows, but anyway,
>  the attached diff should fix it...
>  
>  -p.
Index: installboot.c
===================================================================
RCS file: /cvs/src/sys/arch/i386/stand/installboot/installboot.c,v
retrieving revision 1.41
diff -u -r1.41 installboot.c
--- installboot.c	2003/08/25 23:27:43	1.41
+++ installboot.c	2004/01/20 17:01:16
@@ -58,6 +58,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <limits.h>
 #include <unistd.h>
 #include <util.h>
 
@@ -97,8 +98,8 @@
 {
 	int	c;
 	int	devfd;
-	char	*protostore;
-	long	protosize;
+	char	*protostore, *ep;
+	long	protosize, tmpnum;
 	struct stat sb;
 	struct disklabel dl;
 	struct dos_mbr mbr;
@@ -113,11 +114,36 @@
 	while ((c = getopt(argc, argv, "vnh:s:")) != -1) {
 		switch (c) {
 		case 'h':
-			nheads = atoi(optarg);
+			tmpnum = strtol(optarg, &ep, 10);
+			if (*optarg == '\0' || *ep != '\0') {
+				(void)fprintf(stderr, "argument to option "
+				    "-h must be a number\n");
+				usage();
+			}
+			if (tmpnum < 1 || tmpnum >= INT_MAX) {
+				(void)fprintf(stderr, "argument to option "
+				    "-h is out of range\n");
+				usage();
+			}
+
+			nheads = (int)tmpnum;
 			userspec = 1;
 			break;
 		case 's':
-			nsectors = atoi(optarg);
+			tmpnum = strtol(optarg, &ep, 10);
+			if (*optarg == '\0' || *ep != '\0') {
+				(void)fprintf(stderr, "argument to option "
+				    "-s must be a number\n");
+				usage();
+			}
+			(void)fprintf(stderr, "tmpnum = %ld\n", tmpnum);
+			if (tmpnum < 1 || tmpnum >= INT_MAX) {
+				(void)fprintf(stderr, "argument to option "
+				    "-s is out of range\n");
+				usage();
+			}
+
+			nsectors = (int)tmpnum;
 			userspec = 1;
 			break;
 		case 'n':

References:
- Re: system/3640: installboot dumps core when given a non numeric argument to -s parameter
  - From: Pedro Martelletto

Prev by Date: strptime broken?
Next by Date: Re: system/3642: mount_nfs parsing bug, segmentation fault
Previous by thread: Re: system/3640: installboot dumps core when given a non numeric argument to -s parameter
Next by thread: strptime broken?
Index(es):
- Date
- Thread

Visit your host, monkey.org