Page MenuHomeFreeBSD
Differential D56151

rtld: check for overflow in parse_integer()
ClosedPublic
Actions

Authored by kib on Mar 29 2026, 11:09 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jun 11, 11:37 PM
Unknown Object (File)
Thu, May 28, 3:56 AM
Unknown Object (File)
Sun, May 24, 7:11 PM
Unknown Object (File)
May 20 2026, 8:57 PM
Unknown Object (File)
May 14 2026, 2:28 PM
Unknown Object (File)
May 14 2026, 5:34 AM
Unknown Object (File)
May 14 2026, 5:34 AM
Unknown Object (File)
May 14 2026, 1:06 AM
View All 39 Files
Subscribers
bdragon
imp

Details

Reviewers
dim
emaste
markj
Commits
rG7cfffe25da3f: rtld: check for overflow in parse_integer()

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.Mar 29 2026, 11:09 PM
Herald added subscribers: bdragon, imp. · View Herald TranscriptMar 29 2026, 11:09 PM
kib requested review of this revision.Mar 29 2026, 11:09 PM
dim added a comment.Mar 30 2026, 11:48 AM

LGTM

markj added inline comments.Mar 30 2026, 11:58 AM
libexec/rtld-elf/rtld.c
6507

Can we use the stdckint.h routines instead? There is no libc dependency there.

dim added inline comments.Mar 30 2026, 12:12 PM
libexec/rtld-elf/rtld.c
6507

Can we use the stdckint.h routines instead? There is no libc dependency there.

You can also avoid the need for wrapping, and avoid unsigned ints, like so:

if (n > INT_MAX / 10)
  return (-1);
n *= 10;
if (n > INT_MAX - (c - '\0'))
  return (-1);
n += (c - '\0');

No need for stdckint.h then, either.

kib updated this revision to Diff 174528.Mar 30 2026, 12:19 PM
kib marked 2 inline comments as done.

Take Dimitry suggestion.

markj accepted this revision.Mar 30 2026, 12:21 PM
This revision is now accepted and ready to land.Mar 30 2026, 12:21 PM
dim accepted this revision.Mar 30 2026, 12:21 PM

LGTM again :)

emaste accepted this revision.Mar 30 2026, 3:20 PM
Closed by commit rG7cfffe25da3f: rtld: check for overflow in parse_integer() (authored by kib). · Explain WhyMar 30 2026, 5:16 PM
This revision was automatically updated to reflect the committed changes.
kib added a commit: rG7cfffe25da3f: rtld: check for overflow in parse_integer().
kib mentioned this in D57549: rtld parse_integer(): support octal and hex C notations.Sat, Jun 13, 12:24 AM

Revision Contents
Changeset List

PathSize
libexec/
rtld-elf/
4 lines

Diff 174570

View Options

libexec/rtld-elf/rtld.c

Loading...