udevadm: prevent segfault in blkid builtin when offset not specified

"--offset" takes an optional argument; if none is specified,
stroull() will attempt to parse a NULL pointer. For example:

$ udevadm test-builtin 'blkid --offset' /sys/dev/block/8:1

Update "--offset" to require an argument; also verify that the
offset is not negative.

diff --git a/src/udev/udev-builtin-blkid.c b/src/udev/udev-builtin-blkid.c
index 6ff244e96ce5387d70c07d99dc92dbc6576a82cb..eeed803f57262b038a42f9b843ee68cdbc3b3d5f 100644 (file)
--- a/src/udev/udev-builtin-blkid.c
+++ b/src/udev/udev-builtin-blkid.c
@@ -35,6 +35,7 @@
 #include "efivars.h"
 #include "fd-util.h"
 #include "gpt.h"
+#include "parse-util.h"
 #include "string-util.h"
 #include "udev.h"
 
@@ -236,7 +237,7 @@ static int builtin_blkid(struct udev_device *dev, int argc, char *argv[], bool t
         bool is_gpt = false;
 
         static const struct option options[] = {
-                { "offset", optional_argument, NULL, 'o' },
+                { "offset", required_argument, NULL, 'o' },
                 { "noraid", no_argument, NULL, 'R' },
                 {}
         };
@@ -244,13 +245,19 @@ static int builtin_blkid(struct udev_device *dev, int argc, char *argv[], bool t
         for (;;) {
                 int option;
 
-                option = getopt_long(argc, argv, "oR", options, NULL);
+                option = getopt_long(argc, argv, "o:R", options, NULL);
                 if (option == -1)
                         break;
 
                 switch (option) {
                 case 'o':
-                        offset = strtoull(optarg, NULL, 0);
+                        err = safe_atoi64(optarg, &offset);
+                        if (err < 0)
+                                goto out;
+                        if (offset < 0) {
+                                err = -ERANGE;
+                                goto out;
+                        }
                         break;
                 case 'R':
                         noraid = true;