On Mon, 23 Mar 2009, Guillem Jover wrote: > > You added an unwanted "*" in the check. I'll commit it soon after tests. > > Before closing this bug, I'd like to get all other instances of strto* > in the source tree reviewed, for this kind of missing checks or other > flacky usage.
Fortunately there aren't many such calls: dpkg-deb/extract.c: r = strtol(lintbuf, &endp, 10); The content of lintbuf is copied from a set of non-null bytes. And the length of data copied is never null. dpkg-split/queue.c: pq->info.maxpartlen= strtol(p,&q,16); if (q==p || *q++ != '.') return 0; dpkg-split/queue.c: p=q; pq->info.thispartn= (int)strtol(p,&q,16); if (q==p || *q++ != '.') return 0; dpkg-split/queue.c: p=q; pq->info.maxpartn= (int)strtol(p,&q,16); if (q==p || *q) return 0; The check includes q==p so it's fine. dpkg-split/main.c: newpartsize= strtol(value,&endp,10); dpkg-split/info.c: r= strtoul(value,&endp,10); Those two should be fixed as well. lib/showpkg.c: w=strtol(ws+1,&endptr,0); This one is fine. lib/parsehelp.c: epoch= strtoul(string,&eepochcolon,10); This one is ok if we want to accept that ":1" == "0:1" as version number. src/filesdb.c: fso->uid=strtol(thisline + 1, &endptr, 10); src/filesdb.c: fso->gid=strtol(thisline + 1, &endptr, 10); src/filesdb.c: fso->mode=strtol(thisline, &endptr, 8); Those have to be fixed as well. It's particularly bad as what would look like to a comment for any admin is in fact interpreted like a uid==0 by the code. src/main.c: f_debug= strtoul(value,&endp,8); src/main.c: v= strtoul(value,&ep,0); src/main.c: v= strtoul(value,&ep,0); Must be fixed too. src/main.c: if ((infd= strtol(pipein, (char **)NULL, 10)) == -1) Clearly wrong too. utils/start-stop-daemon.c: ul = strtoul(string, &ep, 10); utils/start-stop-daemon.c: *value_r = strtoul(string, NULL, 0); One is ok, the other not. I'll commit fixes for all these later. Cheers, -- Raphaël Hertzog Contribuez à Debian et gagnez un cahier de l'admin Debian Lenny : http://www.ouaza.com/wp/2009/03/02/contribuer-a-debian-gagner-un-livre/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
