[Lldb-commits] [PATCH] UriParser - fixed potential buffer overrun
Vince Harron
vharron at google.com
Mon Jan 12 11:31:49 PST 2015
strtoul == "string to unsigned long" only accepts positive numbers
On Mon, Jan 12, 2015 at 11:00 AM, Oleksiy Vyalov <ovyalov at google.com> wrote:
> REPOSITORY
> rL LLVM
>
> ================
> Comment at: /Users/vharron/ll/svn/lldb/source/Utility/UriParser.cpp:42
> @@ -42,1 +41,3 @@
> + char* end = nullptr;
> int port_tmp = strtoul(port_buf, &end, 10);
> + if (*end != 0 || port_tmp > 65535)
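Review bot: On the `int port_tmp = strtoul(port_buf, &end, 10);` line the unsigned long result is narrowed to int before the new `port_tmp > 65535` test runs, so a value above INT_MAX can become negative and pass the range check. Declare the variable as `unsigned long port_tmp` and narrow it only after the upper bound has been verified. strtoul also reports overflow by returning ULONG_MAX with errno set to ERANGE, which this line does not look at.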
> ----------------
> You may define port_tmp as auto instead of integer - otherwise if result
> of strtoul is greater than MAX_INT but less than max of unsigned long int
> it might be just a negative number.
>
> ================
> Comment at: /Users/vharron/ll/svn/lldb/source/Utility/UriParser.cpp:43
> @@ -42,3 +42,3 @@
> int port_tmp = strtoul(port_buf, &end, 10);
> - if (*end != 0)
> + if (*end != 0 || port_tmp > 65535)
> {
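Review bot: The new condition `*end != 0 || port_tmp > 65535` has no lower bound and no check that any digits were consumed. With an empty port_buf, strtoul returns 0 and leaves end equal to port_buf, so `*end` is 0 and the port is accepted as 0. strtoul also skips leading whitespace and accepts a leading '-', and neither is rejected by this test. Consider adding `end == port_buf` to the rejection, requiring the first character of port_buf to be a digit, and rejecting 0 if it is not a valid port for this parser.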
> ----------------
> Check for port_tmp <= 0?
>
> http://reviews.llvm.org/D6918
--
Vince Harron | Technical Lead Manager | vharron at google.com | 858-442-0868
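
The port check discussed in this thread, written out as an added example (not code from UriParser.cpp or from the LLDB project): a strict decimal port parser next to the shape of the check in the quoted hunk. The function names are hypothetical, and rejecting port 0 is an assumption.

```cpp
#include <cctype>
#include <cerrno>
#include <cstdint>
#include <cstdlib>

// Hypothetical helper: parse a decimal port from a NUL-terminated string.
// Returns true and sets *port only for values 1..65535.
bool ParsePortStrict(const char *text, uint16_t *port)
{
    // strtoul skips leading whitespace and accepts '+' or '-', so require
    // the first character to be a digit before calling it.
    if (text == nullptr || !std::isdigit(static_cast<unsigned char>(text[0])))
        return false;

    char *end = nullptr;
    errno = 0;
    // Keep the result in strtoul's own return type. Storing it in an int can
    // turn a huge value into a negative one that slips past "> 65535".
    const unsigned long value = std::strtoul(text, &end, 10);

    if (errno == ERANGE)                // input overflowed unsigned long
        return false;
    if (end == text || *end != '\0')    // no digits consumed, or trailing junk
        return false;
    if (value == 0 || value > 65535)    // out of range (0 rejected by assumption)
        return false;

    *port = static_cast<uint16_t>(value);
    return true;
}

// Shape of the check in the quoted hunk, reproduced here for comparison only.
bool ParsePortAsPatched(const char *text, int *port)
{
    char *end = nullptr;
    int port_tmp = std::strtoul(text, &end, 10);  // unsigned long narrowed to int
    if (*end != 0 || port_tmp > 65535)
        return false;
    *port = port_tmp;
    return true;
}
```

With the second function, an empty string is accepted as port 0 and "-1" is accepted with a negative port on common platforms; the strict version rejects both.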