From 272f4db50c98a7363ef4118ce6053ef58ab32283 Mon Sep 17 00:00:00 2001
From: Arkadiusz Mi?kiewicz <arekm@maven.pl>
Date: Fri, 27 Aug 2010 20:54:36 +0000
Subject: [PATCH] xfsprogs: Validate string -> number conversion

Make sure that numbers passed as string will fit into proper types
when doing string->uid_t/gid_t/prid_t conversion.

(Shortened a few long lines before I committed. -Alex)

Signed-off-by: Arkadiusz Mi?kiewicz <arekm@maven.pl>
Signed-off-by: Alex Elder <aelder@sgi.com>
---
 libxcmd/input.c | 36 ++++++++++++++++++++++++------------
 quota/project.c | 11 +++++++----
 2 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/libxcmd/input.c b/libxcmd/input.c
index 1bc0745a5..d7f29c159 100644
--- a/libxcmd/input.c
+++ b/libxcmd/input.c
@@ -336,16 +336,20 @@ prid_from_string(
 	char		*project)
 {
 	fs_project_t	*prj;
-	prid_t		prid;
+	unsigned long	prid_long;
 	char		*sp;
 
 	/*
 	 * Allow either a full numeric or a valid projectname, even
 	 * if it starts with a digit.
 	 */
-	prid = (prid_t)strtoul(project, &sp, 10);
-	if (*project != '\0' && *sp == '\0')
-		return prid;
+	prid_long = strtoul(project, &sp, 10);
+	if (*project != '\0' && *sp == '\0') {
+		if ((prid_long == ULONG_MAX && errno == ERANGE)
+				|| (prid_long > (prid_t)-1))
+			return -1;
+		return (prid_t)prid_long;
+	}
 	prj = getprnam(project);
 	if (prj)
 		return prj->pr_prid;
@@ -357,12 +361,16 @@ uid_from_string(
 	char		*user)
 {
 	struct passwd	*pwd;
-	uid_t		uid;
+	unsigned long	uid_long;
 	char		*sp;
 
-	uid = (uid_t)strtoul(user, &sp, 10);
-	if (sp != user)
-		return uid;
+	uid_long = strtoul(user, &sp, 10);
+	if (sp != user) {
+		if ((uid_long == ULONG_MAX && errno == ERANGE)
+				|| (uid_long > (uid_t)-1))
+			return -1;
+		return (uid_t)uid_long;
+	}
 	pwd = getpwnam(user);
 	if (pwd)
 		return pwd->pw_uid;
@@ -374,12 +382,16 @@ gid_from_string(
 	char		*group)
 {
 	struct group	*grp;
-	gid_t		gid;
+	unsigned long	gid_long;
 	char		*sp;
 
-	gid = (gid_t)strtoul(group, &sp, 10);
-	if (sp != group)
-		return gid;
+	gid_long = strtoul(group, &sp, 10);
+	if (sp != group) {
+		if ((gid_long == ULONG_MAX && errno == ERANGE)
+				|| (gid_long > (gid_t)-1))
+			return -1;
+		return (gid_t)gid_long;
+	}
 	grp = getgrnam(group);
 	if (grp)
 		return grp->gr_gid;
diff --git a/quota/project.c b/quota/project.c
index 1aacdddd7..b1f160c75 100644
--- a/quota/project.c
+++ b/quota/project.c
@@ -268,7 +268,8 @@ project(
 		count++;
 	}
 
-	printf(_("Processed %d (%s and cmdline) paths for project %s with recursion depth %s (%d).\n"),
+	printf(_("Processed %d (%s and cmdline) paths for project %s with "
+		"recursion depth %s (%d).\n"),
 		 count, projects_file, project,
 		 recurse_depth < 0 ? _("infinite") : _("limited"), recurse_depth);
 }
@@ -322,8 +323,9 @@ project_f(
 
 	if (ispath && argc - optind > 1) {
 		exitcode = 1;
-		fprintf(stderr, _("%s: only one projid/name can be specified when using -p <path>, %d found.\n"),
-				progname, argc - optind);
+		fprintf(stderr, _("%s: only one projid/name can be specified "
+			    "when using -p <path>, %d found.\n"),
+			progname, argc - optind);
 		return 0;
 	}
 
@@ -331,7 +333,8 @@ project_f(
 		prid = prid_from_string(argv[optind]);
 		if (prid == -1) {
 			exitcode = 1;
-			fprintf(stderr, _("%s - no such project in %s\n"),
+			fprintf(stderr, _("%s - no such project in %s "
+				    "or invalid project number\n"),
 				argv[optind], projects_file);
 		} else
 	                project(argv[optind], type);
-- 
2.39.2