[BusyBox 0001104]: miswritten of libbb/bb_strtonum.c in rev 16700 (with patch)

bugs at busybox.net bugs at busybox.net
Tue Nov 28 10:54:45 UTC 2006


The following issue has been CLOSED 
====================================================================== 
http://busybox.net/bugs/view.php?id=1104 
====================================================================== 
Reported By:                rockeychu
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   1104
Category:                   Other
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     closed
Resolution:                 open
Fixed in Version:           
====================================================================== 
Date Submitted:             11-27-2006 18:13 PST
Last Modified:              11-28-2006 02:54 PST
====================================================================== 
Summary:                    miswritten of libbb/bb_strtonum.c in rev 16700 (with
patch)
Description: 
Reason: "endptr" got random value before passing to "handle_errors" in
function bb_strtoull, bb_strtoll, bb_strtoul and bb_strtol.

Result: wget, ps, etc. can't work any more.


Patch:
Index: libbb/bb_strtonum.c
===================================================================
--- libbb/bb_strtonum.c (revision 16700)
+++ libbb/bb_strtonum.c (working copy)
@@ -49,6 +49,7 @@

 unsigned long long bb_strtoull(const char *arg, char **endp, int base)
 {
+       unsigned long long v;
        char *endptr;

        /* strtoul("  -4200000000") returns 94967296, errno 0 (!) */
@@ -57,35 +58,42 @@

        /* not 100% correct for lib func, but convenient for the caller
*/
        errno = 0;
-       return handle_errors(strtoull(arg, &endptr, base), endp, endptr);
+       v = strtoull(arg, &endptr, base);
+       return handle_errors(v, endp, endptr);
 }

 long long bb_strtoll(const char *arg, char **endp, int base)
 {
+       long long v;
        char *endptr;

        if (arg[0] != '-' && !isalnum(arg[0])) return ret_ERANGE();
        errno = 0;
-       return handle_errors(strtoll(arg, &endptr, base), endp, endptr);
+       v = strtoll(arg, &endptr, base);
+       return handle_errors(v, endp, endptr);
 }

 #if ULONG_MAX != ULLONG_MAX
 unsigned long bb_strtoul(const char *arg, char **endp, int base)
 {
+       unsigned long v;
        char *endptr;

        if (!isalnum(arg[0])) return ret_ERANGE();
        errno = 0;
-       return handle_errors(strtoul(arg, &endptr, base), endp, endptr);
+       v = strtoul(arg, &endptr, base);
+       return handle_errors(v, endp, endptr);
 }

 long bb_strtol(const char *arg, char **endp, int base)
 {
+       long v;
        char *endptr;

        if (arg[0] != '-' && !isalnum(arg[0])) return ret_ERANGE();
        errno = 0;
-       return handle_errors(strtol(arg, &endptr, base), endp, endptr);
+       v = strtol(arg, &endptr, base);
+       return handle_errors(v, endp, endptr);
 }
 #endif


====================================================================== 

---------------------------------------------------------------------- 
 vda - 11-28-06 02:54  
---------------------------------------------------------------------- 
Fixed in rev 16704. Thanks for the report! 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
11-27-06 18:13  rockeychu      New Issue                                    
11-27-06 18:13  rockeychu      Status                   new => assigned     
11-27-06 18:13  rockeychu      Assigned To               => BusyBox         
11-28-06 02:54  vda            Status                   assigned => closed  
11-28-06 02:54  vda            Note Added: 0001826                          
======================================================================




More information about the busybox-cvs mailing list