Most of the strtol() and strtoll() functions called
in lfs.c did not check the range of the return value.
This patch fixes those issues.
Change-Id: I9ff51662bf0d2320961a7838da08f09552e9ef1e
Signed-off-by: Jian Yu <yujian@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/41756
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: John L. Hammond <jhammond@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
end_of_loop = *ptr == '\0';
*ptr = '\0';
end_of_loop = *ptr == '\0';
*ptr = '\0';
start_index = strtol(arg, &endptr, 0);
if (endptr == arg) /* no data at all */
break;
start_index = strtol(arg, &endptr, 0);
if (endptr == arg) /* no data at all */
break;
- if (*endptr != '-' && *endptr != '\0') /* has invalid data */
+ if (errno != 0 || start_index < -1 ||
+ (*endptr != '-' && *endptr != '\0'))
break;
end_index = start_index;
if (*endptr == '-') {
break;
end_index = start_index;
if (*endptr == '-') {
end_index = strtol(endptr + 1, &endptr, 0);
end_index = strtol(endptr + 1, &endptr, 0);
+ if (errno != 0 || *endptr != '\0' || end_index < -1)
break;
if (end_index < start_index)
break;
break;
if (end_index < start_index)
break;
lsa.lsa_stripe_off = strtol(optarg, &end, 0);
lsa.lsa_stripe_off = strtol(optarg, &end, 0);
+ if (errno != 0 || *end != '\0' ||
+ lsa.lsa_stripe_off < -1 ||
+ lsa.lsa_stripe_off > LOV_V1_INSANE_STRIPE_COUNT) {
fprintf(stderr,
"%s %s: invalid stripe offset '%s'\n",
progname, argv[0], optarg);
fprintf(stderr,
"%s %s: invalid stripe offset '%s'\n",
progname, argv[0], optarg);
param.fp_exclude_stripe_count = !!neg_opt;
break;
case 'D':
param.fp_exclude_stripe_count = !!neg_opt;
break;
case 'D':
param.fp_max_depth = strtol(optarg, 0, 0);
param.fp_max_depth = strtol(optarg, 0, 0);
+ if (errno != 0 || param.fp_max_depth < 0) {
+ fprintf(stderr,
+ "error: bad maxdepth '%s'\n",
+ optarg);
+ ret = -1;
+ goto err;
+ }
break;
case 'E':
if (optarg[0] == '+') {
break;
case 'E':
if (optarg[0] == '+') {
+ if (argc > optind) {
+ errno = 0;
startrec = strtoll(argv[optind++], NULL, 10);
startrec = strtoll(argv[optind++], NULL, 10);
+ if (errno != 0 || startrec < 0) {
+ fprintf(stderr,
+ "%s changelog: bad startrec\n",
+ progname);
+ return CMD_HELP;
+ }
+ }
+
+ if (argc > optind) {
+ errno = 0;
endrec = strtoll(argv[optind++], NULL, 10);
endrec = strtoll(argv[optind++], NULL, 10);
+ if (errno != 0 || endrec < 0) {
+ fprintf(stderr,
+ "%s changelog: bad endrec\n",
+ progname);
+ return CMD_HELP;
+ }
+ }
rc = llapi_changelog_start(&changelog_priv,
CHANGELOG_FLAG_BLOCK |
rc = llapi_changelog_start(&changelog_priv,
CHANGELOG_FLAG_BLOCK |
if (argc != 4)
return CMD_HELP;
if (argc != 4)
return CMD_HELP;
endrec = strtoll(argv[3], NULL, 10);
endrec = strtoll(argv[3], NULL, 10);
+ if (errno != 0 || endrec < 0) {
+ fprintf(stderr,
+ "%s: bad endrec '%s'\n",
+ argv[0], argv[3]);
+ return CMD_HELP;
+ }
rc = llapi_changelog_clear(argv[1], argv[2], endrec);
rc = llapi_changelog_clear(argv[1], argv[2], endrec);
print_fid = true;
break;
case 'l':
print_fid = true;
break;
case 'l':
linkno = strtol(optarg, &endptr, 10);
linkno = strtol(optarg, &endptr, 10);
+ if (errno != 0 || *endptr != '\0' || linkno < 0) {
fprintf(stderr,
"%s fid2path: invalid linkno '%s'\n",
progname, optarg);
fprintf(stderr,
"%s fid2path: invalid linkno '%s'\n",
progname, optarg);
* that was never implemented. We just pass it
* through for the MDT to ignore.
*/
* that was never implemented. We just pass it
* through for the MDT to ignore.
*/
recno = strtoll(optarg, &endptr, 10);
recno = strtoll(optarg, &endptr, 10);
+ if (errno != 0 || *endptr != '\0' || recno < 0) {
fprintf(stderr,
"%s fid2path: invalid recno '%s'\n",
progname, optarg);
fprintf(stderr,
"%s fid2path: invalid recno '%s'\n",
progname, optarg);
mask |= HS_EXISTS;
break;
case 'i':
mask |= HS_EXISTS;
break;
case 'i':
archive_id = strtol(optarg, &end, 10);
archive_id = strtol(optarg, &end, 10);
+ if (errno != 0 || *end != '\0' || archive_id < 0) {
fprintf(stderr, "invalid archive_id: '%s'\n",
end);
return CMD_HELP;
fprintf(stderr, "invalid archive_id: '%s'\n",
end);
return CMD_HELP;