Just to be sure we are reading correct data, the number build by
getword_atoll is checked for any overflow.
{
int x;
int sign=+1;
+ int digit;
if (gwarea->current[0] == '-') {
gwarea->current++;
}
*number=0LL;
for(x=0;isdigit(gwarea->current[x]);x++) {
- *number=(*number * 10) + gwarea->current[x]-'0';
+ digit=gwarea->current[x]-'0';
+ if (*number >= (LLONG_MAX-digit)/10) {
+ debuga(_("Integer overflow detected in getword_atoll in line %s\n"),gwarea->beginning);
+ return(-1);
+ }
+ *number=(*number * 10) + digit;
}
if(gwarea->current[x] && gwarea->current[x]!=stop) {
printf("SARG: getword_atoll loop detected after %d bytes.\n",x);