diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2014-05-10 11:42:38 -0700 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2014-05-10 11:43:15 -0700 |
| commit | a7603fa6527cf53a22d5072acb454f65303a3874 (patch) | |
| tree | d02322b3f63955edab8ae3bb25375ebede1577b6 | |
| parent | 03440189a01139418fd554f40ec6e86f3ca143dc (diff) | |
| download | coreutils-a7603fa6527cf53a22d5072acb454f65303a3874.tar.xz | |
shred: fix overflow checking of command-line options
* src/shred.c (main): Limit -n (number of passes) value to
ULONG_MAX, not to UINT32_MAX, since the vars are unsigned long.
Limit the -s (file size) value to OFF_T_MAX.
| -rw-r--r-- | src/shred.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/shred.c b/src/shred.c index 607c6be15..f4347e002 100644 --- a/src/shred.c +++ b/src/shred.c @@ -1231,7 +1231,7 @@ main (int argc, char **argv) { uintmax_t tmp; if (xstrtoumax (optarg, NULL, 10, &tmp, NULL) != LONGINT_OK - || MIN (UINT32_MAX, SIZE_MAX / sizeof (int)) < tmp) + || MIN (ULONG_MAX, SIZE_MAX / sizeof (int)) <= tmp) { error (EXIT_FAILURE, 0, _("%s: invalid number of passes"), quotearg_colon (optarg)); @@ -1256,9 +1256,10 @@ main (int argc, char **argv) case 's': { - uintmax_t tmp; - if (xstrtoumax (optarg, NULL, 0, &tmp, "cbBkKMGTPEZY0") - != LONGINT_OK) + intmax_t tmp; + if ((xstrtoimax (optarg, NULL, 0, &tmp, "cbBkKMGTPEZY0") + != LONGINT_OK) + || OFF_T_MAX < tmp) { error (EXIT_FAILURE, 0, _("%s: invalid file size"), quotearg_colon (optarg)); |