diff options
author | Nick Wellnhofer <wellnhofer@aevum.de> | 2023-04-20 16:22:11 +0200 |
---|---|---|
committer | Nick Wellnhofer <wellnhofer@aevum.de> | 2023-04-20 16:22:11 +0200 |
commit | db32b09d505b2a87fc0ed5eb5f08ff344c735088 (patch) | |
tree | eb0ee98fda53d943aebad7c06f10aa2b37df4aaf | |
parent | 250faf3c832d998baa559ca1a1c61935235aba20 (diff) | |
download | libxml2-db32b09d505b2a87fc0ed5eb5f08ff344c735088.tar.gz |
xmllint: Validate --maxmem integer option
Fixes #520.
-rw-r--r-- | xmllint.c | 25 |
1 files changed, 21 insertions, 4 deletions
@@ -14,6 +14,8 @@ #include <stdlib.h> #include <assert.h> #include <time.h> +#include <errno.h> +#include <limits.h> #ifdef HAVE_SYS_TIME_H #include <sys/time.h> @@ -3085,10 +3087,25 @@ main(int argc, char **argv) { if ((!strcmp(argv[i], "-maxmem")) || (!strcmp(argv[i], "--maxmem"))) { - i++; - if ((i >= argc) || (sscanf(argv[i], "%d", &maxmem) != 1)) { - maxmem = 0; - } + char *val_end; + long val; + + i++; + if (i >= argc) { + fprintf(stderr, "maxmem: missing integer value\n"); + return(XMLLINT_ERR_UNCLASS); + } + errno = 0; + val = strtol(argv[i], &val_end, 10); + if (errno == EINVAL || *val_end != 0) { + fprintf(stderr, "maxmem: invalid integer: %s\n", argv[i]); + return(XMLLINT_ERR_UNCLASS); + } + if (errno != 0 || val < 0 || val > INT_MAX) { + fprintf(stderr, "maxmem: integer out of range: %s\n", argv[i]); + return(XMLLINT_ERR_UNCLASS); + } + maxmem = val; } } if (maxmem != 0) |