[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5165) strtoul(3) might be used incorrectly

To: openldap-its@OpenLDAP.org
Subject: (ITS#5165) strtoul(3) might be used incorrectly
From: ando@sys-net.it
Date: Tue, 2 Oct 2007 21:39:02 GMT

Full_Name: Pierangelo Masarati
Version: HEAD/re24/re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.72.89.40)
Submitted by: ando


Occasionally, strtoul(3) is used in slapd(8) to parse integers that are expected
to be unsigned.  It seems that strtoul(3) is used under the assumption that it
will fail if a negative number is encountered.  This is not the case; in fact,
by design, negative numbers are read as positive, and negated.  If negative
numbers are not allowed, strtol(3) should be used instead, and the value should
be checked (or the string should be checked for '-' before calling strtoul(3).

p.

Prev by Date: Re: Issues with syncrepl and mirrormode
Next by Date: Re: (ITS#5161) delta-syncrepl mutex lockup
Index(es):
- Chronological
- Thread