William Orr <[email protected]> writes:
> diff --git a/lib/attr-decode.c b/lib/attr-decode.c
> index bcd6bb2..20320e6 100644
> --- a/lib/attr-decode.c
> +++ b/lib/attr-decode.c
> @@ -249,7 +249,7 @@ decode_number(struct webauth_context *ctx, struct value
> *value,
> if (ascii) {
> errno = 0;
> *output = strtoul(value->data,&end, 10);
> - if (*end != '\0' || (*output == ULONG_MAX&& errno != 0))
> + if (*end != '\0' || (*output == UINT32_MAX&& errno != 0))
> goto corrupt;
Oh, ugh. That code is actually just wrong; I don't think there's any
guarantee that truncation of ULONG_MAX to a uint32_t will result in
UINT32_MAX. Fixed thusly with a temporary:
--- a/lib/attr-decode.c
+++ b/lib/attr-decode.c
@@ -245,12 +245,14 @@ decode_number(struct webauth_context *ctx, struct value
*value,
{
char *end;
uint32_t data;
+ unsigned long n;
if (ascii) {
errno = 0;
- *output = strtoul(value->data, &end, 10);
- if (*end != '\0' || (*output == ULONG_MAX && errno != 0))
+ n = strtoul(value->data, &end, 10);
+ if (*end != '\0' || (n == ULONG_MAX && errno != 0))
goto corrupt;
+ *output = n;
} else {
if (value->length != sizeof(uint32_t))
goto corrupt;
Thanks! Good catch.
Now that I think about it, this should really ensure that n isn't greater
than UINT32_MAX, but I need to do some research and make sure that
UINT32_MAX is portable, or add some portability glue.
> --- a/modules/ldap/mod_webauthldap.c
> +++ b/modules/ldap/mod_webauthldap.c
> @@ -711,7 +711,7 @@ webauthldap_dosearch(MWAL_LDAP_CTXT* lc)
> }
> if (lc->sconf->debug)
> ap_log_error(APLOG_MARK, APLOG_INFO, 0, lc->r->server,
> - "webauthldap(%s): search returned %d entries",
> + "webauthldap(%s): search returned %zu entries",
> lc->r->user, lc->numEntries);
> }
> ldap_msgfree(res);
Sadly, %zu isn't supported by APR 0.9 so far as I can tell, and we're
still trying to be backward-compatible to RHEL 4. I added a cast to
unsigned long and changed it to %lu.
--
Russ Allbery <[email protected]>
Technical Lead, ITS Infrastructure Delivery Group, Stanford University
