This code in process_value():
value->val = strtol(value->str, &endptr, 10);
if (endptr >= value->str + value->len)
return;
doesn't look sufficient: it's not checking enough problem areas, and it's not complaining if it finds horrible stuff (but I'm not sure that it should complain, or exactly how much we know about the configuration string we're parsing, which is why I'm not just whacking it).
Does this need to be something like:
errno = 0;
value->val = strtol(value->str, &endptr, 10);
if ((value->val == LONG_MIN || value->val == LONG_MAX) && errno == ERANGE)
if (value->str[0] == '\0' || endptr == value->str + value->len)
{ err(valeu was illegal in some way (not sure if we need to check the first byte for validity)) return; }Also, should this be unsigned long (strtoul)? Or, should it support 64-bit values (strtoull, strtoumax?)
Add
- is related to
-
WT-111 Make reverse scans fast
- Closed