34 lines
1.2 KiB
Diff
34 lines
1.2 KiB
Diff
commit 5adda61f62b77384718b4c0d8336ade8f2b4b35c
|
|
Author: Andreas Schwab <schwab@linux-m68k.org>
|
|
Date: Fri Jun 25 15:02:47 2021 +0200
|
|
|
|
wordexp: handle overflow in positional parameter number (bug 28011)
|
|
|
|
Use strtoul instead of atoi so that overflow can be detected.
|
|
|
|
diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
|
|
index cc29840355e047cc..30c1dd65efcc0b49 100644
|
|
--- a/posix/wordexp-test.c
|
|
+++ b/posix/wordexp-test.c
|
|
@@ -200,6 +200,7 @@ struct test_case_struct
|
|
{ 0, NULL, "$var", 0, 0, { NULL, }, IFS },
|
|
{ 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
|
|
{ 0, NULL, "", 0, 0, { NULL, }, IFS },
|
|
+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
|
|
|
|
/* Flags not already covered (testit() has special handling for these) */
|
|
{ 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
|
|
diff --git a/posix/wordexp.c b/posix/wordexp.c
|
|
index 048a8068544c81fa..4061969c720f1f34 100644
|
|
--- a/posix/wordexp.c
|
|
+++ b/posix/wordexp.c
|
|
@@ -1420,7 +1420,7 @@ envsubst:
|
|
/* Is it a numeric parameter? */
|
|
else if (isdigit (env[0]))
|
|
{
|
|
- int n = atoi (env);
|
|
+ unsigned long n = strtoul (env, NULL, 10);
|
|
|
|
if (n >= __libc_argc)
|
|
/* Substitute NULL. */
|