fix potential truncation of cli arguments (#367)
strtol() returns a `long`, but we're storing the result in an `int` which might end up getting truncated. change `n` to `long` and guard against >INT_MAX arguments in cases where it matters. use a float for storing argument of `-S` change `opt.slideshow` to `unsigned` similar to `img.ss.delay` Co-authored-by: Berke Kocaoğlu <berke.kocaoglu@metu.edu.tr> Reviewed-on: https://codeberg.org/nsxiv/nsxiv/pulls/367 Reviewed-by: Berke Kocaoğlu <berke.kocaoglu@metu.edu.tr> Reviewed-by: explosion-mental <explosion-mental@noreply.codeberg.org>
This commit is contained in:
parent
e356add07c
commit
daee34477a
2
nsxiv.h
2
nsxiv.h
@ -239,7 +239,7 @@ struct opt {
|
|||||||
bool animate;
|
bool animate;
|
||||||
bool anti_alias;
|
bool anti_alias;
|
||||||
int gamma;
|
int gamma;
|
||||||
int slideshow;
|
unsigned int slideshow;
|
||||||
int framerate;
|
int framerate;
|
||||||
|
|
||||||
/* window: */
|
/* window: */
|
||||||
|
15
options.c
15
options.c
@ -98,7 +98,8 @@ void parse_options(int argc, char **argv)
|
|||||||
{ 0 }, /* end */
|
{ 0 }, /* end */
|
||||||
};
|
};
|
||||||
|
|
||||||
int n, opt;
|
long n, opt;
|
||||||
|
float f;
|
||||||
char *end, *s;
|
char *end, *s;
|
||||||
struct optparse op;
|
struct optparse op;
|
||||||
const char scalemodes[] = "dfFwh"; /* must be sorted according to scalemode_t */
|
const char scalemodes[] = "dfFwh"; /* must be sorted according to scalemode_t */
|
||||||
@ -148,7 +149,7 @@ void parse_options(int argc, char **argv)
|
|||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
case 'A':
|
case 'A':
|
||||||
n = strtol(op.optarg, &end, 0);
|
n = strtol(op.optarg, &end, 0);
|
||||||
if (*end != '\0' || n <= 0)
|
if (*end != '\0' || n <= 0 || n > INT_MAX)
|
||||||
error(EXIT_FAILURE, 0, "Invalid argument for option -A: %s", op.optarg);
|
error(EXIT_FAILURE, 0, "Invalid argument for option -A: %s", op.optarg);
|
||||||
_options.framerate = n;
|
_options.framerate = n;
|
||||||
/* fall through */
|
/* fall through */
|
||||||
@ -172,7 +173,7 @@ void parse_options(int argc, char **argv)
|
|||||||
break;
|
break;
|
||||||
case 'G':
|
case 'G':
|
||||||
n = strtol(op.optarg, &end, 0);
|
n = strtol(op.optarg, &end, 0);
|
||||||
if (*end != '\0')
|
if (*end != '\0' || n < INT_MIN || n > INT_MAX)
|
||||||
error(EXIT_FAILURE, 0, "Invalid argument for option -G: %s", op.optarg);
|
error(EXIT_FAILURE, 0, "Invalid argument for option -G: %s", op.optarg);
|
||||||
_options.gamma = n;
|
_options.gamma = n;
|
||||||
break;
|
break;
|
||||||
@ -187,7 +188,7 @@ void parse_options(int argc, char **argv)
|
|||||||
break;
|
break;
|
||||||
case 'n':
|
case 'n':
|
||||||
n = strtol(op.optarg, &end, 0);
|
n = strtol(op.optarg, &end, 0);
|
||||||
if (*end != '\0' || n <= 0)
|
if (*end != '\0' || n <= 0 || n > INT_MAX)
|
||||||
error(EXIT_FAILURE, 0, "Invalid argument for option -n: %s", op.optarg);
|
error(EXIT_FAILURE, 0, "Invalid argument for option -n: %s", op.optarg);
|
||||||
_options.startnum = n - 1;
|
_options.startnum = n - 1;
|
||||||
break;
|
break;
|
||||||
@ -207,10 +208,10 @@ void parse_options(int argc, char **argv)
|
|||||||
_options.recursive = true;
|
_options.recursive = true;
|
||||||
break;
|
break;
|
||||||
case 'S':
|
case 'S':
|
||||||
n = strtof(op.optarg, &end) * 10;
|
f = strtof(op.optarg, &end) * 10.0f;
|
||||||
if (*end != '\0' || n <= 0)
|
if (*end != '\0' || f <= 0 || f >= (float)UINT_MAX)
|
||||||
error(EXIT_FAILURE, 0, "Invalid argument for option -S: %s", op.optarg);
|
error(EXIT_FAILURE, 0, "Invalid argument for option -S: %s", op.optarg);
|
||||||
_options.slideshow = n;
|
_options.slideshow = (unsigned int)f;
|
||||||
break;
|
break;
|
||||||
case 's':
|
case 's':
|
||||||
s = strchr(scalemodes, op.optarg[0]);
|
s = strchr(scalemodes, op.optarg[0]);
|
||||||
|
Loading…
Reference in New Issue
Block a user