diff options
| author | Chong Yidong | 2008-01-10 15:33:52 +0000 |
|---|---|---|
| committer | Chong Yidong | 2008-01-10 15:33:52 +0000 |
| commit | 0b074993158942d393feebc2c237bfe6df1da31e (patch) | |
| tree | 2beb4a1e83d8add9d2c9593f3da84c8e30575c82 | |
| parent | 6eae3ad4eeb2cee3276091c9ef88f1f5f1882ae6 (diff) | |
| download | emacs-0b074993158942d393feebc2c237bfe6df1da31e.tar.gz emacs-0b074993158942d393feebc2c237bfe6df1da31e.zip | |
(pop_stat, pop_last): Check validity of string-to-integer
conversion. Mistakes spotted by Nico Golde.
| -rw-r--r-- | lib-src/pop.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/lib-src/pop.c b/lib-src/pop.c index 61c90abe2bf..814575f06d5 100644 --- a/lib-src/pop.c +++ b/lib-src/pop.c | |||
| @@ -352,6 +352,7 @@ pop_stat (server, count, size) | |||
| 352 | int *size; | 352 | int *size; |
| 353 | { | 353 | { |
| 354 | char *fromserver; | 354 | char *fromserver; |
| 355 | char *end_ptr; | ||
| 355 | 356 | ||
| 356 | if (server->in_multi) | 357 | if (server->in_multi) |
| 357 | { | 358 | { |
| @@ -377,7 +378,15 @@ pop_stat (server, count, size) | |||
| 377 | return (-1); | 378 | return (-1); |
| 378 | } | 379 | } |
| 379 | 380 | ||
| 380 | *count = atoi (&fromserver[4]); | 381 | errno = 0; |
| 382 | *count = strtol (&fromserver[4], &end_ptr, 10); | ||
| 383 | /* Check validity of string-to-integer conversion. */ | ||
| 384 | if (fromserver[4] == 0 || *end_ptr != 0 || errno) | ||
| 385 | { | ||
| 386 | strcpy (pop_error, "Unexpected response from POP server in pop_stat"); | ||
| 387 | pop_trash (server); | ||
| 388 | return (-1); | ||
| 389 | } | ||
| 381 | 390 | ||
| 382 | fromserver = index (&fromserver[4], ' '); | 391 | fromserver = index (&fromserver[4], ' '); |
| 383 | if (! fromserver) | 392 | if (! fromserver) |
| @@ -388,7 +397,14 @@ pop_stat (server, count, size) | |||
| 388 | return (-1); | 397 | return (-1); |
| 389 | } | 398 | } |
| 390 | 399 | ||
| 391 | *size = atoi (fromserver + 1); | 400 | errno = 0; |
| 401 | *size = strtol (fromserver + 1, &end_ptr, 10); | ||
| 402 | if (*(fromserver + 1) == 0 || *end_ptr != 0 || errno) | ||
| 403 | { | ||
| 404 | strcpy (pop_error, "Unexpected response from POP server in pop_stat"); | ||
| 405 | pop_trash (server); | ||
| 406 | return (-1); | ||
| 407 | } | ||
| 392 | 408 | ||
| 393 | return (0); | 409 | return (0); |
| 394 | } | 410 | } |
| @@ -913,7 +929,17 @@ pop_last (server) | |||
| 913 | } | 929 | } |
| 914 | else | 930 | else |
| 915 | { | 931 | { |
| 916 | return (atoi (&fromserver[4])); | 932 | char *end_ptr; |
| 933 | int count; | ||
| 934 | errno = 0; | ||
| 935 | count = strtol (&fromserver[4], &end_ptr, 10); | ||
| 936 | if (fromserver[4] == 0 || *end_ptr != 0 || errno) | ||
| 937 | { | ||
| 938 | strcpy (pop_error, "Unexpected response from server in pop_last"); | ||
| 939 | pop_trash (server); | ||
| 940 | return (-1); | ||
| 941 | } | ||
| 942 | return count; | ||
| 917 | } | 943 | } |
| 918 | } | 944 | } |
| 919 | 945 | ||