On Fri, Aug 31, 2018 at 06:38:46AM +0800, Honggang LI wrote:
> From: Honggang Li <honli@xxxxxxxxxx>
>
> As all flags are unsigned integer in different size, sanity check the
> value before covert the value to unsigned integer with 'strtoul'.
Isn't strtoul should do his job?
>From man:
"If endptr is not NULL, strtoul() stores the address of the first invalid
character in *endptr".
>
> Signed-off-by: Honggang Li <honli@xxxxxxxxxx>
> ---
> opensm/osm_prtn_config.c | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/opensm/osm_prtn_config.c b/opensm/osm_prtn_config.c
> index f76ad4d4..16b61204 100644
> --- a/opensm/osm_prtn_config.c
> +++ b/opensm/osm_prtn_config.c
> @@ -273,6 +273,19 @@ static int parse_group_flag(unsigned lineno, osm_log_t * p_log,
> {
> int rc = 0;
> int len = strlen(flag);
> +
> + char *tmp = val;
> + while (tmp && '\0' != *tmp) {
> + if (!isxdigit(*tmp)) {
> + OSM_LOG(p_log, OSM_LOG_VERBOSE,
> + "PARSE WARN: line %d: "
> + "suspicious val=(%s) detected. "
> + "flag=(%s)\n", lineno, val, flag);
> + return rc;
> + }
> + tmp++;
> + }
> +
> if (!strncmp(flag, "mtu", len)) {
> rc = 1;
> if (!val || (flags->mtu = strtoul(val, NULL, 0)) == 0)
> --
> 2.14.4
>
