]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
certtool: check for overflows when reading serial numbers
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 4 Jan 2015 21:43:00 +0000 (22:43 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 4 Jan 2015 21:45:10 +0000 (22:45 +0100)
src/certtool-cfg.c

index 187d39cc89380c2c5f2b45ff30d3d13aadc1950a..06dcacf20269a85d5303ef968d5dc478da4abab6 100644 (file)
@@ -248,6 +248,20 @@ void cfg_init(void)
       s_name = 1; \
     }
 
+#if SIZEOF_LONG == 8
+# define CHECK_INT64_OVERFLOW(x) \
+      if (x == LONG_MAX) { \
+       fprintf(stderr, "overflow in number\n"); \
+       exit(1); \
+      }
+#else
+# define CHECK_INT64_OVERFLOW(x) \
+      if (x == LLONG_MAX) { \
+       fprintf(stderr, "overflow in number\n"); \
+       exit(1); \
+      }
+#endif
+
 #define READ_NUMERIC(name, s_name) \
   val = optionGetValue(pov, name); \
   if (val != NULL) \
@@ -410,6 +424,8 @@ int template_parse(const char *template)
 
 
        READ_NUMERIC("serial", cfg.serial);
+       CHECK_INT64_OVERFLOW(cfg.serial);
+
        READ_NUMERIC("expiration_days", cfg.expiration_days);
        READ_NUMERIC("crl_next_update", cfg.crl_next_update);
        READ_NUMERIC("crl_number", cfg.crl_number);