xfs_quota: check for size parsing errors

Doing something like

# xfs_quota -x -c 'limit -u bhard=1.2g ...

will cause cvtnum to fail and return a value of -1LL (because it
cannot parse the decimal), but the quota caller doesn't check
for this error value, casts it to U64, shifts right, and we end
up with an answer of 16 petabytes rather than erroring out.
Fix this.

Reviewed-by: Mark Tinguely <tinguely@sgi.com>
Reported-by: James Lawrie <james@jdlawrie.co.uk>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>

diff --git a/quota/edit.c b/quota/edit.c
index b704e63a8183c1c521aab8f07c24b260298012da..cad3aeece20df16e6ad62adc4ce6e6d883c0b0af 100644 (file)
--- a/quota/edit.c
+++ b/quota/edit.c
@@ -226,13 +226,19 @@ extractb(
        uint            sectorsize,
        __uint64_t      *value)
 {
-       __uint64_t      v;
+       long long       v;
        char            *s = string;
 
        if (strncmp(string, prefix, length) == 0) {
                s = string + length + 1;
-               v = (__uint64_t)cvtnum(blocksize, sectorsize, s);
-               *value = v >> 9;        /* syscalls use basic blocks */
+               v = cvtnum(blocksize, sectorsize, s);
+               if (v == -1LL) {
+                       fprintf(stderr,
+                               _("%s: Error: could not parse size %s.\n"),
+                               progname, s);
+                       return 0;
+               }
+               *value = (__uint64_t)v >> 9;    /* syscalls use basic blocks */
                if (v > 0 && *value == 0)
                        fprintf(stderr, _("%s: Warning: `%s' in quota blocks is 0 (unlimited).\n"), progname, s);
                return 1;