jcs.org
jcs's openbsd hax
openbsd
use strtonum() to parse numeric option values instead of atoi()
looks reasonable to deraadt
ok/improvements bluhm@
+14
-4
+14
-4
usr.bin/patch/patch.c
+14
-4
usr.bin/patch/patch.c
···
1
-
/* $OpenBSD: patch.c,v 1.76 2024/03/22 19:22:23 jcs Exp $ */
1
+
/* $OpenBSD: patch.c,v 1.77 2024/08/30 07:11:02 op Exp $ */
2
2
3
3
/*
4
4
* patch - a program to apply diffs to original files
···
542
542
{NULL, 0, 0, 0}
543
543
};
544
544
int ch;
545
+
const char *errstr;
545
546
546
547
rejname[0] = '\0';
547
548
Argc_last = Argc;
···
598
599
force = true;
599
600
break;
600
601
case 'F':
601
-
maxfuzz = atoi(optarg);
602
+
maxfuzz = strtonum(optarg, 0, INT_MAX, &errstr);
603
+
if (errstr != NULL)
604
+
fatal("maximum fuzz is %s: %s\n",
605
+
errstr, optarg);
602
606
break;
603
607
case 'i':
604
608
if (++filec == MAXFILEC)
···
618
622
outname = xstrdup(optarg);
619
623
break;
620
624
case 'p':
621
-
strippath = atoi(optarg);
625
+
strippath = strtonum(optarg, 0, INT_MAX, &errstr);
626
+
if (errstr != NULL)
627
+
fatal("strip count is %s: %s\n",
628
+
errstr, optarg);
622
629
break;
623
630
case 'r':
624
631
if (strlcpy(rejname, optarg,
···
647
654
break;
648
655
#ifdef DEBUGGING
649
656
case 'x':
650
-
debug = atoi(optarg);
657
+
debug = strtonum(optarg, 0, INT_MAX, &errstr);
658
+
if (errstr != NULL)
659
+
fatal("debug number is %s: %s\n",
660
+
errstr, optarg);
651
661
break;
652
662
#endif
653
663
default: