From afe7d11926fe147c50c0434e4653f6ab447b3320 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torgeir=20Lerker=C3=B8d?= Date: Wed, 3 Aug 2011 20:45:05 +0200 Subject: [PATCH] libreplace:Support atoll CVE-2011-2522 introduced the dependency on atoll. Atoll is not supported on AIX 5.1, HP-UX 11, OSF/1 5.1, Interix 3.5. This patch adds a replace function for atoll based on http://pubs.opengroup.org/onlinepubs/9699919799/functions/atoll.html Patch includes: * Waf test * Configure test * actual code to libreplace for atoll * added testcase to replacetest The replacement was possible, because strtoll is allready supported by libreplace. --- lib/replace/libreplace.m4 | 1 + lib/replace/replace.c | 15 +++++++++++++++ lib/replace/replace.h | 5 +++++ lib/replace/test/testsuite.c | 21 +++++++++++++++++++++ lib/replace/wscript | 1 + 5 files changed, 43 insertions(+), 0 deletions(-) diff --git a/lib/replace/libreplace.m4 b/lib/replace/libreplace.m4 index 808d5d1..2dfbb03 100644 --- a/lib/replace/libreplace.m4 +++ b/lib/replace/libreplace.m4 @@ -242,6 +242,7 @@ AC_HAVE_DECL(environ, [#include ]) AC_CHECK_FUNCS(strnlen) AC_CHECK_FUNCS(strtoull __strtoull strtouq strtoll __strtoll strtoq) +AC_CHECK_FUNCS(atoll) AC_CHECK_FUNCS(memmem) diff --git a/lib/replace/replace.c b/lib/replace/replace.c index d9a96ff..cf47bd7 100644 --- a/lib/replace/replace.c +++ b/lib/replace/replace.c @@ -579,6 +579,21 @@ unsigned long long int rep_strtoull(const char *str, char **endptr, int base) #endif /* HAVE_BSD_STRTOLL */ #endif /* HAVE_STRTOULL */ +#ifndef HAVE_ATOLL +/* + * We already have a replace for strtoll use that. This + * is equivalent pr + * http://pubs.opengroup.org/onlinepubs/9699919799/functions/atoll.html + * + * This function is missing on some platforms: + * AIX 5.1, HP-UX 11, OSF/1 5.1, Interix 3.5. + */ +long long rep_atoll(const char *nptr) +{ + return strtoll(nptr, (char **)NULL, 10); +} +#endif /* HAVE ATOLL */ + #ifndef HAVE_SETENV int rep_setenv(const char *name, const char *value, int overwrite) { diff --git a/lib/replace/replace.h b/lib/replace/replace.h index c081f23..00a9a7d 100644 --- a/lib/replace/replace.h +++ b/lib/replace/replace.h @@ -312,6 +312,11 @@ unsigned long long int rep_strtoull(const char *str, char **endptr, int base); #endif #endif +#ifndef HAVE_ATOLL +#define atoll rep_atoll +long long rep_atoll(const char *nptr); +#endif + #ifndef HAVE_FTRUNCATE #define ftruncate rep_ftruncate int rep_ftruncate(int,off_t); diff --git a/lib/replace/test/testsuite.c b/lib/replace/test/testsuite.c index 0c1fac6..d523b0e 100644 --- a/lib/replace/test/testsuite.c +++ b/lib/replace/test/testsuite.c @@ -1054,6 +1054,26 @@ static int test_memmem(void) return true; } +static int test_atoll(void) { + char buffer[256]; + long long value = 1234567890123456; + long long value2; + + printf("test: atoll\n"); + + strcpy(buffer, "1234567890123456"); + + value2 = atoll(buffer); + + if(value != value2) { + printf(__location__ ": Failed atoll. Value = %lld, Value2 = %lld", value, value2); + return false; + } + + printf("success: atoll\n"); + + return true; +} bool torture_local_replace(struct torture_context *ctx) { @@ -1105,6 +1125,7 @@ bool torture_local_replace(struct torture_context *ctx) ret &= test_utime(); ret &= test_utimes(); ret &= test_memmem(); + ret &= test_atoll(); return ret; } diff --git a/lib/replace/wscript b/lib/replace/wscript index c24d6e7..22c0bbd 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -168,6 +168,7 @@ def configure(conf): conf.CHECK_FUNCS('link readlink symlink realpath snprintf vsnprintf') conf.CHECK_FUNCS('asprintf vasprintf setenv unsetenv strnlen strtoull __strtoull') conf.CHECK_FUNCS('strtouq strtoll __strtoll strtoq') + conf.CHECK_FUNCS('atoll') #Some OS (ie. freebsd) return EINVAL if the convertion could not be done, it's not what we expect #Let's detect those cases if conf.CONFIG_SET('HAVE_STRTOLL'): -- 1.7.2.5