Page MenuHomeFreeBSD
Differential D56151

rtld: check for overflow in parse_integer()
ClosedPublic
Actions

Authored by kib on Mar 29 2026, 11:09 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Apr 27, 2:01 PM
Unknown Object (File)
Mon, Apr 27, 8:29 AM
Unknown Object (File)
Sat, Apr 25, 5:24 AM
Unknown Object (File)
Fri, Apr 24, 5:04 PM
Unknown Object (File)
Mon, Apr 20, 4:10 PM
Unknown Object (File)
Mon, Apr 20, 4:10 PM
Unknown Object (File)
Fri, Apr 17, 12:15 PM
Unknown Object (File)
Thu, Apr 16, 10:54 PM
View All 27 Files
Subscribers
bdragon
imp

Details

Reviewers
dim
emaste
markj
Commits
rG7cfffe25da3f: rtld: check for overflow in parse_integer()

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.Mar 29 2026, 11:09 PM
Herald added subscribers: bdragon, imp. · View Herald TranscriptMar 29 2026, 11:09 PM
kib requested review of this revision.Mar 29 2026, 11:09 PM
dim added a comment.Mar 30 2026, 11:48 AM

LGTM

markj added inline comments.Mar 30 2026, 11:58 AM
libexec/rtld-elf/rtld.c
6507

Can we use the stdckint.h routines instead? There is no libc dependency there.

dim added inline comments.Mar 30 2026, 12:12 PM
libexec/rtld-elf/rtld.c
6507

Can we use the stdckint.h routines instead? There is no libc dependency there.

You can also avoid the need for wrapping, and avoid unsigned ints, like so:

if (n > INT_MAX / 10)
  return (-1);
n *= 10;
if (n > INT_MAX - (c - '\0'))
  return (-1);
n += (c - '\0');

No need for stdckint.h then, either.

kib updated this revision to Diff 174528.Mar 30 2026, 12:19 PM
kib marked 2 inline comments as done.

Take Dimitry suggestion.

markj accepted this revision.Mar 30 2026, 12:21 PM
This revision is now accepted and ready to land.Mar 30 2026, 12:21 PM
dim accepted this revision.Mar 30 2026, 12:21 PM

LGTM again :)

emaste accepted this revision.Mar 30 2026, 3:20 PM
Closed by commit rG7cfffe25da3f: rtld: check for overflow in parse_integer() (authored by kib). · Explain WhyMar 30 2026, 5:16 PM
This revision was automatically updated to reflect the committed changes.
kib added a commit: rG7cfffe25da3f: rtld: check for overflow in parse_integer().

Revision Contents
Changeset List

PathSize
libexec/
rtld-elf/
4 lines

Diff 174570

View Options

libexec/rtld-elf/rtld.c

Loading...