Stricter check for integer overflow.

author: ru <ru@FreeBSD.org> 2008-04-24 07:49:00 +0000
committer: ru <ru@FreeBSD.org> 2008-04-24 07:49:00 +0000
commit: c17c108c2a09d1d7bf24e6726e8165b3dbf8749e (patch)
tree: 5d8f9178631111f6abf139a34d6f13038c08572d /lib/libc
parent: 0248cb5a7774eff1141218463b802240ee14f5b4 (diff)
download: FreeBSD-src-c17c108c2a09d1d7bf24e6726e8165b3dbf8749e.zip
FreeBSD-src-c17c108c2a09d1d7bf24e6726e8165b3dbf8749e.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/libc/stdlib/strfmon.c b/lib/libc/stdlib/strfmon.c
index 20c69be..f12c8de 100644
--- a/lib/libc/stdlib/strfmon.c
+++ b/lib/libc/stdlib/strfmon.c
@@ -65,6 +65,8 @@ __FBSDID("$FreeBSD$");
 #define GET_NUMBER(VAR)	do {					\
 	VAR = 0;						\
 	while (isdigit((unsigned char)*fmt)) {			\
+		if (VAR > INT_MAX / 10)				\
+			goto e2big_error;			\
 		VAR *= 10;					\
 		VAR += *fmt - '0';				\
 		if (VAR < 0)					\
author	ru <ru@FreeBSD.org>	2008-04-24 07:49:00 +0000
committer	ru <ru@FreeBSD.org>	2008-04-24 07:49:00 +0000
commit	c17c108c2a09d1d7bf24e6726e8165b3dbf8749e (patch)
tree	5d8f9178631111f6abf139a34d6f13038c08572d /lib/libc
parent	0248cb5a7774eff1141218463b802240ee14f5b4 (diff)
download	FreeBSD-src-c17c108c2a09d1d7bf24e6726e8165b3dbf8749e.zip FreeBSD-src-c17c108c2a09d1d7bf24e6726e8165b3dbf8749e.tar.gz