parse-util: detect overflows in parse_percent_unbounded()

We shouldn't accept percentages beyon INT32_MAX and consider them valid.
author: Lennart Poettering <lennart@poettering.net> 2018-01-16 11:50:12 +0100
committer: Sven Eden <yamakuzure@gmx.net> 2018-05-30 07:50:09 +0200
commit: 61d4da11b29f42434b10454355860d44e93b0f07 (patch)
tree: 461aab392c511baf6edc81ad0acd9e650ed5655f /src/basic
parent: ffe6e970850a5685af22379539e4a633a648a60a (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/src/basic/parse-util.c b/src/basic/parse-util.c
index 8d97f017c..54d1081a0 100644
--- a/src/basic/parse-util.c
+++ b/src/basic/parse-util.c
@@ -597,19 +597,20 @@ int parse_fractional_part_u(const char **p, size_t digits, unsigned *res) {
 
 int parse_percent_unbounded(const char *p) {
         const char *pc, *n;
-        unsigned v;
-        int r;
+        int r, v;
 
         pc = endswith(p, "%");
         if (!pc)
                 return -EINVAL;
 
         n = strndupa(p, pc - p);
-        r = safe_atou(n, &v);
+        r = safe_atoi(n, &v);
         if (r < 0)
                 return r;
+        if (v < 0)
+                return -ERANGE;
 
-        return (int) v;
+        return v;
 }
 
 int parse_percent(const char *p) {
author	Lennart Poettering <lennart@poettering.net>	2018-01-16 11:50:12 +0100
committer	Sven Eden <yamakuzure@gmx.net>	2018-05-30 07:50:09 +0200
commit	61d4da11b29f42434b10454355860d44e93b0f07 (patch)
tree	461aab392c511baf6edc81ad0acd9e650ed5655f /src/basic
parent	ffe6e970850a5685af22379539e4a633a648a60a (diff)