Commit 46005c49 authored by David Zeuthen's avatar David Zeuthen
Browse files

add additional checks when using strtoul

Pointed out by Martin Pitt <martin.pitt@ubuntu.com>.
parent 5f42b40d
......@@ -343,7 +343,7 @@ skip_check:
/*----------------------------------------------------------------------------------------------------*/
requesting_info_for_uid = strtoul (argv[1], &endp, 10);
if (*endp != '\0') {
if (strlen (argv[1]) == 0 || *endp != '\0') {
fprintf (stderr, "polkit-read-auth-helper: requesting_info_for_uid malformed (3)\n");
goto out;
}
......
......@@ -118,7 +118,7 @@ main (int argc, char *argv[])
/*----------------------------------------------------------------------------------------------------*/
requesting_info_for_pid = strtoul (argv[1], &endp, 10);
if (*endp != '\0') {
if (strlen (argv[1]) == 0 || *endp != '\0') {
fprintf (stderr, "polkit-resolve-exe-helper: requesting_info_for_pid malformed\n");
goto out;
}
......
......@@ -183,7 +183,7 @@ _parse_entry (const char *key, const char *value, void *user_data)
epd->cur_attr |= ATTR_PID;
auth->pid = strtoul (value, &ep, 10);
if (*ep != '\0')
if (strlen (value) == 0 || *ep != '\0')
goto error;
} else if (strcmp (key, "pid-start-time") == 0) {
......@@ -193,7 +193,7 @@ _parse_entry (const char *key, const char *value, void *user_data)
epd->cur_attr |= ATTR_PID_START_TIME;
auth->pid_start_time = strtoull (value, &ep, 10);
if (*ep != '\0')
if (strlen (value) == 0 || *ep != '\0')
goto error;
} else if (strcmp (key, "session-id") == 0) {
......@@ -225,7 +225,7 @@ _parse_entry (const char *key, const char *value, void *user_data)
epd->cur_attr |= ATTR_WHEN;
auth->when = strtoull (value, &ep, 10);
if (*ep != '\0')
if (strlen (value) == 0 || *ep != '\0')
goto error;
} else if (strcmp (key, "auth-as") == 0) {
......@@ -235,7 +235,7 @@ _parse_entry (const char *key, const char *value, void *user_data)
epd->cur_attr |= ATTR_AUTH_AS;
auth->authenticated_as_uid = strtoul (value, &ep, 10);
if (*ep != '\0')
if (strlen (value) == 0 || *ep != '\0')
goto error;
} else if (strcmp (key, "granted-by") == 0) {
......@@ -245,7 +245,7 @@ _parse_entry (const char *key, const char *value, void *user_data)
epd->cur_attr |= ATTR_GRANTED_BY;
auth->explicitly_granted_by = strtoul (value, &ep, 10);
if (*ep != '\0')
if (strlen (value) == 0 || *ep != '\0')
goto error;
} else if (strcmp (key, "constraint") == 0) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment