77b5330e9f
- Fix potential invalid scan results in OpenSCAP (rhbz#2109485) - Remove oscap-remediate service (rhbz#2111358) Resolves: rhbz#2109485 Resolves: rhbz#2111358
72 lines
2.9 KiB
Diff
72 lines
2.9 KiB
Diff
From 55b09ba184c1803a5e1454c44e9e9a5c578dd741 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
|
|
Date: Mon, 25 Jul 2022 17:10:17 +0200
|
|
Subject: [PATCH] Reset errno before strtol
|
|
|
|
This sets errno to 0 before strotol calls after which the errno
|
|
is being checked.
|
|
|
|
Per man 3 strtol:
|
|
Since strtol() can legitimately return 0, LONG_MAX, or
|
|
LONG_MIN (LLONG_MAX or LLONG_MIN for strtoll()) on both success and
|
|
failure, the calling program should set errno to 0 before the call, and
|
|
then determine if an error occurred by checking whether errno has a
|
|
nonzero value after the call.
|
|
|
|
This is inspired by https://github.com/OpenSCAP/openscap/pull/1861.
|
|
---
|
|
src/OVAL/probes/independent/sql57_probe.c | 1 +
|
|
src/OVAL/probes/independent/sql_probe.c | 1 +
|
|
src/OVAL/probes/oval_fts.c | 1 +
|
|
src/OVAL/probes/unix/xinetd_probe.c | 1 +
|
|
4 files changed, 4 insertions(+)
|
|
|
|
diff --git a/src/OVAL/probes/independent/sql57_probe.c b/src/OVAL/probes/independent/sql57_probe.c
|
|
index ce1466635c..2b35750ee2 100644
|
|
--- a/src/OVAL/probes/independent/sql57_probe.c
|
|
+++ b/src/OVAL/probes/independent/sql57_probe.c
|
|
@@ -216,6 +216,7 @@ static int dbURIInfo_parse(dbURIInfo_t *info, const char *conn)
|
|
matchitem1(tok, 'c',
|
|
"onnecttimeout", tmp);
|
|
if (tmp != NULL) {
|
|
+ errno = 0;
|
|
info->conn_timeout = strtol(tmp, NULL, 10);
|
|
|
|
if (errno == ERANGE || errno == EINVAL)
|
|
diff --git a/src/OVAL/probes/independent/sql_probe.c b/src/OVAL/probes/independent/sql_probe.c
|
|
index 2ede89d031..71ba3c08c3 100644
|
|
--- a/src/OVAL/probes/independent/sql_probe.c
|
|
+++ b/src/OVAL/probes/independent/sql_probe.c
|
|
@@ -216,6 +216,7 @@ static int dbURIInfo_parse(dbURIInfo_t *info, const char *conn)
|
|
matchitem1(tok, 'c',
|
|
"onnecttimeout", tmp);
|
|
if (tmp != NULL) {
|
|
+ errno = 0;
|
|
info->conn_timeout = strtol(tmp, NULL, 10);
|
|
|
|
if (errno == ERANGE || errno == EINVAL)
|
|
diff --git a/src/OVAL/probes/oval_fts.c b/src/OVAL/probes/oval_fts.c
|
|
index 1364159c90..f9d0a0c1fd 100644
|
|
--- a/src/OVAL/probes/oval_fts.c
|
|
+++ b/src/OVAL/probes/oval_fts.c
|
|
@@ -729,6 +729,7 @@ OVAL_FTS *oval_fts_open_prefixed(const char *prefix, SEXP_t *path, SEXP_t *filen
|
|
/* max_depth */
|
|
PROBE_ENT_AREF(behaviors, r0, "max_depth", return NULL;);
|
|
SEXP_string_cstr_r(r0, cstr_buff, sizeof cstr_buff - 1);
|
|
+ errno = 0;
|
|
max_depth = strtol(cstr_buff, NULL, 10);
|
|
if (errno == EINVAL || errno == ERANGE) {
|
|
dE("Invalid value of the `%s' attribute: %s", "recurse_direction", cstr_buff);
|
|
diff --git a/src/OVAL/probes/unix/xinetd_probe.c b/src/OVAL/probes/unix/xinetd_probe.c
|
|
index b3375500db..703a07f513 100644
|
|
--- a/src/OVAL/probes/unix/xinetd_probe.c
|
|
+++ b/src/OVAL/probes/unix/xinetd_probe.c
|
|
@@ -1280,6 +1280,7 @@ int op_assign_bool(void *var, char *val)
|
|
*((bool *)(var)) = false;
|
|
} else {
|
|
char *endptr = NULL;
|
|
+ errno = 0;
|
|
*((bool *)(var)) = (bool) strtol (val, &endptr, 2);
|
|
if (errno == EINVAL || errno == ERANGE) {
|
|
return -1;
|