Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sbin/raidctl Better sanity check numbers given to raidctl(8)
details: https://anonhg.NetBSD.org/src/rev/5377e8bf8b65
branches: trunk
changeset: 338488:5377e8bf8b65
user: manu <manu%NetBSD.org@localhost>
date: Wed May 27 15:31:15 2015 +0000
description:
Better sanity check numbers given to raidctl(8)
Replace atoi(3) by strtol(3), and check that numbers are valid,
positive, and in int32_t range. The previous lack of check could
silently lead to the same serial being set to all RAID volumes
for instance because given numbers were bigger than INT_MAX. The
consequence is in an awful mess when RAIDframe would mix volumes...
diffstat:
sbin/raidctl/raidctl.c | 34 +++++++++++++++++++++++++++++-----
1 files changed, 29 insertions(+), 5 deletions(-)
diffs (76 lines):
diff -r 543ccbb6271b -r 5377e8bf8b65 sbin/raidctl/raidctl.c
--- a/sbin/raidctl/raidctl.c Wed May 27 15:18:29 2015 +0000
+++ b/sbin/raidctl/raidctl.c Wed May 27 15:31:15 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: raidctl.c,v 1.57 2014/04/03 18:54:10 christos Exp $ */
+/* $NetBSD: raidctl.c,v 1.58 2015/05/27 15:31:15 manu Exp $ */
/*-
* Copyright (c) 1996, 1997, 1998 The NetBSD Foundation, Inc.
@@ -39,7 +39,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: raidctl.c,v 1.57 2014/04/03 18:54:10 christos Exp $");
+__RCSID("$NetBSD: raidctl.c,v 1.58 2015/05/27 15:31:15 manu Exp $");
#endif
@@ -85,6 +85,7 @@
static void get_time_string(char *, int);
static void rf_output_pmstat(int, int);
static void rf_pm_configure(int, int, char *, int[]);
+static unsigned int _strtoud(char *);
int verbose;
@@ -183,7 +184,7 @@
break;
case 'I':
action = RAIDFRAME_INIT_LABELS;
- serial_number = atoi(optarg);
+ serial_number = _strtoud(optarg);
num_options++;
break;
case 'm':
@@ -195,11 +196,11 @@
action = RAIDFRAME_PARITYMAP_SET_DISABLE;
parityconf = strdup(optarg);
num_options++;
- /* XXXjld: should rf_pm_configure do the atoi()s? */
+ /* XXXjld: should rf_pm_configure do the strtol()s? */
i = 0;
while (i < 3 && optind < argc &&
isdigit((int)argv[optind][0]))
- parityparams[i++] = atoi(argv[optind++]);
+ parityparams[i++] = _strtoud(argv[optind++]);
while (i < 3)
parityparams[i++] = 0;
break;
@@ -1158,3 +1159,26 @@
exit(1);
/* NOTREACHED */
}
+
+static unsigned int
+_strtoud(char *str)
+{
+ long num;
+ char *ep;
+
+ errno = 0;
+ num = strtol(str, &ep, 10);
+ if (str[0] == '\0' || *ep != '\0')
+ errx(1, "Not a number: %s", str);
+
+ if (errno)
+ err(1, "Inavlid number %s", str);
+
+ if (num < 0)
+ errx(1, "Negative number: %s", str);
+
+ if (num > INT_MAX)
+ errx(1, "Number too large: %s", str);
+
+ return (unsigned int)num;
+}
Home |
Main Index |
Thread Index |
Old Index