Hi,
I changed atoi to strtonum in order to avoid overflows.
fritjof
Index: rcstime.c
===================================================================
RCS file: /cvs/src/usr.bin/rcs/rcstime.c,v
retrieving revision 1.4
diff -u -p -r1.4 rcstime.c
--- rcstime.c 29 Apr 2014 07:44:19 -0000 1.4
+++ rcstime.c 24 Sep 2014 15:06:42 -0000
@@ -36,6 +36,7 @@ rcs_set_tz(char *tz, struct rcs_delta *r
int tzone;
int pos;
char *h, *m;
+ const char *errstr;
struct tm *ltb;
time_t now;
@@ -62,8 +63,8 @@ rcs_set_tz(char *tz, struct rcs_delta *r
memcpy(tb, &rdp->rd_date, sizeof(*tb));
- tzone = atoi(h);
- if ((tzone >= 24) || (tzone <= -24))
+ tzone = strtonum(h, -23, 23, &errstr);
+ if (errstr)
errx(1, "%s: not a known time zone", tz);
if (pos) {
@@ -78,9 +79,9 @@ rcs_set_tz(char *tz, struct rcs_delta *r
tb->tm_hour = 0;
if (m != NULL) {
- tzone = atoi(m);
- if (tzone >= 60)
- errx(1, "%s: not a known time zone", tz);
+ tzone = strtonum(m, 0, 59, &errstr);
+ if (errstr)
+ errx(1, "%s: not a known minute", m);
if ((tb->tm_min + tzone) >= 60) {
tb->tm_hour++;
