[openssl/openssl] 04f772: Add an OPENSSL_strtoul wrapper

Thu, 18 Jul 2024 10:09:12 -0700 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 04f7729c409afad235737ee6b4edcb78efdc1bfd
      
https://github.com/openssl/openssl/commit/04f7729c409afad235737ee6b4edcb78efdc1bfd
  Author: Neil Horman <nhor...@openssl.org>
  Date:   2024-07-18 (Thu, 18 Jul 2024)

  Changed paths:
    M crypto/o_str.c
    M doc/man3/OPENSSL_malloc.pod
    M include/openssl/crypto.h.in
    M util/libcrypto.num

  Log Message:
  -----------
  Add an OPENSSL_strtoul wrapper

utility function to give us sane checking on strtoul conversions

Reviewed-by: Tom Cosgrove <tom.cosgr...@arm.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24861)


  Commit: 863e44c1e0841b7c46f3fa1ddf75870c60105303
      
https://github.com/openssl/openssl/commit/863e44c1e0841b7c46f3fa1ddf75870c60105303
  Author: Neil Horman <nhor...@openssl.org>
  Date:   2024-07-18 (Thu, 18 Jul 2024)

  Changed paths:
    M test/build.info
    A test/recipes/02-test_strtoul.t
    A test/strtoultest.c

  Log Message:
  -----------
  Add a stroul test

Reviewed-by: Tom Cosgrove <tom.cosgr...@arm.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24861)


  Commit: 0b67643ade24286dddb0ce1b44a8a8c366e85ecb
      
https://github.com/openssl/openssl/commit/0b67643ade24286dddb0ce1b44a8a8c366e85ecb
  Author: Neil Horman <nhor...@openssl.org>
  Date:   2024-07-18 (Thu, 18 Jul 2024)

  Changed paths:
    M ssl/ssl_conf.c

  Log Message:
  -----------
  Fix coverity-1610057

Coverity caught a error in a recent change, in which atoi was used to
assign a value to two size_t variables, and then checked them for being
>= 0, which will always be true.

given that atoi returns an undefined value (usually zero) in the event
of a failure, theres no good way to check the return value of atoi for
validitiy.

Instead use OPENSSL_strtoul and confirm both that the translation
passed, and that the endptr value is at the NULL terminator (indicating
that the entire string was consumed)

Fixes openssl/private#552

Reviewed-by: Tom Cosgrove <tom.cosgr...@arm.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24861)


Compare: https://github.com/openssl/openssl/compare/202ef97edc8e...0b67643ade24

To unsubscribe from these emails, change your notification settings at 
https://github.com/openssl/openssl/settings/notifications

Reply via email to