Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-82

process_value() doesn't handle bad values

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: WT1.0
    • Component/s: None
    • Labels:

      Description

      This code in process_value():

      value->val = strtol(value->str, &endptr, 10);
      if (endptr >= value->str + value->len)
      return;
      doesn't look sufficient: it's not checking enough problem areas, and it's not complaining if it finds horrible stuff (but I'm not sure that it should complain, or exactly how much we know about the configuration string we're parsing, which is why I'm not just whacking it).

      Does this need to be something like:

      errno = 0;
      value->val = strtol(value->str, &endptr, 10);
      if ((value->val == LONG_MIN || value->val == LONG_MAX) && errno == ERANGE)

      { err(value is out-of-range) return }

      if (value->str[0] == '\0' || endptr == value->str + value->len)

      { err(valeu was illegal in some way (not sure if we need to check the first byte for validity)) return; }

      Also, should this be unsigned long (strtoul)? Or, should it support 64-bit values (strtoull, strtoumax?)

      Add

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              michael.cahill Michael Cahill
              Reporter:
              wiredtiger WiredTiger
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: