It's required to check ranges to avoid integer overflow because underlying strtoll() will check only for LLONG_MIN/MAX.
Signed-off-by: Ilya Maximets <[email protected]> --- lib/util.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/util.c b/lib/util.c index 62f5fa2..ac982d5 100644 --- a/lib/util.c +++ b/lib/util.c @@ -700,8 +700,13 @@ str_to_int(const char *s, int base, int *i) { long long ll; bool ok = str_to_llong(s, base, &ll); + + if (!ok || ll < INT_MIN || ll > INT_MAX) { + *i = 0; + return false; + } *i = ll; - return ok; + return true; } bool @@ -709,8 +714,13 @@ str_to_long(const char *s, int base, long *li) { long long ll; bool ok = str_to_llong(s, base, &ll); + + if (!ok || ll < LONG_MIN || ll > LONG_MAX) { + *li = 0; + return false; + } *li = ll; - return ok; + return true; } bool -- 2.7.4 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
