diff options
author | Martin Matuska <martin@matuska.org> | 2018-09-23 00:04:36 +0200 |
---|---|---|
committer | Martin Matuska <martin@matuska.org> | 2018-09-23 00:12:22 +0200 |
commit | c16ce12acb997e6ebd81eeb37bf5f9a20e95ea19 (patch) | |
tree | 6bea13264af4c956d18627681093f753b4fb3bec /cpio | |
parent | 23b142e2706dea229ff69adaa7e99b7531efda8e (diff) | |
download | libarchive-c16ce12acb997e6ebd81eeb37bf5f9a20e95ea19.tar.gz |
Correctly process and verify integer arguments passed to bsdcpio and bsdtar
Fixes #1068
Diffstat (limited to 'cpio')
-rw-r--r-- | cpio/cpio.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/cpio/cpio.c b/cpio/cpio.c index 4b8ce792..9dddf417 100644 --- a/cpio/cpio.c +++ b/cpio/cpio.c @@ -134,8 +134,9 @@ main(int argc, char *argv[]) struct cpio _cpio; /* Allocated on stack. */ struct cpio *cpio; const char *errmsg; + char *tptr; int uid, gid; - int opt; + int opt, t; cpio = &_cpio; memset(cpio, 0, sizeof(*cpio)); @@ -204,9 +205,15 @@ main(int argc, char *argv[]) cpio->add_filter = opt; break; case 'C': /* NetBSD/OpenBSD */ - cpio->bytes_per_block = atoi(cpio->argument); - if (cpio->bytes_per_block <= 0) - lafe_errc(1, 0, "Invalid blocksize %s", cpio->argument); + errno = 0; + tptr = NULL; + t = (int)strtol(cpio->argument, &tptr, 10); + if (errno || t <= 0 || *(cpio->argument) == '\0' || + tptr == NULL || *tptr != '\0') { + lafe_errc(1, 0, "Invalid blocksize: %s", + cpio->argument); + } + cpio->bytes_per_block = t; break; case 'c': /* POSIX 1997 */ cpio->format = "odc"; |