Re: [Patch]openrcs: atoi to strtonum

Sat, 27 Sep 2014 08:09:06 -0700 

On Fri, Sep 26, 2014 at 09:23:08PM +0200, Fritjof Bornebusch wrote:

> On Wed, Sep 24, 2014 at 10:31:17PM +0200, Otto Moerbeek wrote:
> Hi,
> 
> > On Wed, Sep 24, 2014 at 05:13:47PM +0200, Fritjof Bornebusch wrote:
> > 
> > > Hi,
> > > 
> > > I changed atoi to strtonum in order to avoid overflows.
> > 
> > One concern: atoi() does not mind trailing stuff, while strtonum()
> > does. Did you verify that the strings are just numbers in all cases?
> > 
> 
> according to the code and the manpages there are two different methods
> available to specify the timezone.
> 
> - "LT"
> - +-hh:mm
> 
> "LT" is handled seperatly and the code below - atoi(3) - only converts the 
> hour and 
> minute string values after seperation into int, e.g. "+09:88" -> h = 09; m = 
> 88.
> The + or - sign will be handled in a different part of the code.
> 
> I think this diff won't change functionality.

OK, that looks good. Anybody else wnat to ok this so I can commit?

> 
> 
> >     -Otto
> > 
> 
> fritjof
> 
> > > 
> > > fritjof
> > > 
> > > 
> > > 
> > > Index: rcstime.c
> > > ===================================================================
> > > RCS file: /cvs/src/usr.bin/rcs/rcstime.c,v
> > > retrieving revision 1.4
> > > diff -u -p -r1.4 rcstime.c
> > > --- rcstime.c     29 Apr 2014 07:44:19 -0000      1.4
> > > +++ rcstime.c     24 Sep 2014 15:06:42 -0000
> > > @@ -36,6 +36,7 @@ rcs_set_tz(char *tz, struct rcs_delta *r
> > >   int tzone;
> > >   int pos;
> > >   char *h, *m;
> > > + const char *errstr;
> > >   struct tm *ltb;
> > >   time_t now;
> > >  
> > > @@ -62,8 +63,8 @@ rcs_set_tz(char *tz, struct rcs_delta *r
> > >  
> > >           memcpy(tb, &rdp->rd_date, sizeof(*tb));
> > >  
> > > -         tzone = atoi(h);
> > > -         if ((tzone >= 24) || (tzone <= -24))
> > > +         tzone = strtonum(h, -23, 23, &errstr);
> > > +         if (errstr)
> > >                   errx(1, "%s: not a known time zone", tz);
> > >  
> > >           if (pos) {
> > > @@ -78,9 +79,9 @@ rcs_set_tz(char *tz, struct rcs_delta *r
> > >                   tb->tm_hour = 0;
> > >  
> > >           if (m != NULL) {
> > > -                 tzone = atoi(m);
> > > -                 if (tzone >= 60)
> > > -                         errx(1, "%s: not a known time zone", tz);
> > > +                 tzone = strtonum(m, 0, 59, &errstr);
> > > +                 if (errstr)
> > > +                         errx(1, "%s: not a known minute", m);
> > >  
> > >                   if ((tb->tm_min + tzone) >= 60) {
> > >                           tb->tm_hour++;

Reply via email to