certtool: check for overflows when reading serial numbers

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2015-01-04 22:43:00 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2015-01-04 22:45:10 +0100
commit: 0177118d9f72a6531dccbfd6158089abec2ef0ab (patch)
tree: b8610f09f320277770583c72994784bd57f9397c /src
parent: 1be0c768bba870735d8e913ec18e1c2308011e9e (diff)
download: gnutls-0177118d9f72a6531dccbfd6158089abec2ef0ab.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c
index 187d39cc89..06dcacf202 100644
--- a/src/certtool-cfg.c
+++ b/src/certtool-cfg.c
@@ -248,6 +248,20 @@ void cfg_init(void)
       s_name = 1; \
     }
 
+#if SIZEOF_LONG == 8
+# define CHECK_INT64_OVERFLOW(x) \
+      if (x == LONG_MAX) { \
+      	fprintf(stderr, "overflow in number\n"); \
+      	exit(1); \
+      }
+#else
+# define CHECK_INT64_OVERFLOW(x) \
+      if (x == LLONG_MAX) { \
+      	fprintf(stderr, "overflow in number\n"); \
+      	exit(1); \
+      }
+#endif
+
 #define READ_NUMERIC(name, s_name) \
   val = optionGetValue(pov, name); \
   if (val != NULL) \
@@ -410,6 +424,8 @@ int template_parse(const char *template)
 
 
 	READ_NUMERIC("serial", cfg.serial);
+	CHECK_INT64_OVERFLOW(cfg.serial);
+
 	READ_NUMERIC("expiration_days", cfg.expiration_days);
 	READ_NUMERIC("crl_next_update", cfg.crl_next_update);
 	READ_NUMERIC("crl_number", cfg.crl_number);
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2015-01-04 22:43:00 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2015-01-04 22:45:10 +0100
commit	0177118d9f72a6531dccbfd6158089abec2ef0ab (patch)
tree	b8610f09f320277770583c72994784bd57f9397c /src
parent	1be0c768bba870735d8e913ec18e1c2308011e9e (diff)
download	gnutls-0177118d9f72a6531dccbfd6158089abec2ef0ab.tar.gz