httpd-dev mailing list archives

From Mike Rumph <mike.ru...@oracle.com>
Subject False positive errno test after call to strtol()
Date Thu, 14 Nov 2013 21:11:10 GMT
The man page for strtol() indicates that the function can set errno to 
ERANGE (EINVAL is also possible for some environments).
But for the errno check to be valid, errno should be set to 0 before the 
function call.
- http://linux.die.net/man/3/strtol

I've reviewed all cases of calls to strtol() in httpd and APR code.
In some cases no validation is performed after the call.
In most cases endptr (the second parameter) is checked against the 
beginning and/or ending of the string which does not guarantee against 
numeric overflow.
In some cases errno is checked for ERANGE.

I've attached a patch for the simplest case, where errno is checked but 
was not set to 0 before the call.

I will consider working up a more extensive patch, if it is desired.

BTW, this discussion is not purely theoretical.
Erroneous "Invalid ThreadStackSize value: " messages have been witnessed 
in HP-UX environments.

Thanks,

Mike Rumph
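
Added example, not part of the original message or its attached patch: a C sketch of the three validation patterns the message describes (errno tested without being cleared, endptr-only checking, and errno cleared before the call). The function names and the input strings are constructed for illustration and are not taken from httpd or APR.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Pattern from the message: errno is tested after strtol() but never
 * cleared first, so a stale ERANGE from earlier code is misread. */
static int parse_stale_errno(const char *s, long *out)
{
    char *end;
    *out = strtol(s, &end, 10);
    if (errno == ERANGE || end == s || *end != '\0')
        return -1;
    return 0;
}

/* endptr-only validation: catches non-numeric input, but not overflow,
 * because strtol() still consumes all digits and returns LONG_MAX. */
static int parse_endptr_only(const char *s, long *out)
{
    char *end;
    *out = strtol(s, &end, 10);
    return (end == s || *end != '\0') ? -1 : 0;
}

/* Clear errno first, then check both errno and endptr. */
static int parse_checked(const char *s, long *out)
{
    char *end;
    errno = 0;
    *out = strtol(s, &end, 10);
    if (errno == ERANGE || end == s || *end != '\0')
        return -1;
    return 0;
}

int main(void)
{
    long v;
    errno = ERANGE;  /* constructed: left over from an unrelated call */
    printf("stale:   %d\n", parse_stale_errno("65536", &v));
    errno = ERANGE;
    printf("checked: %d (v=%ld)\n", parse_checked("65536", &v), v);
    /* constructed overflow input, too large for any long */
    printf("endptr:  %d (v=%ld)\n",
           parse_endptr_only("99999999999999999999999999", &v), v);
    printf("checked: %d\n", parse_checked("99999999999999999999999999", &v));
    return 0;
}
```

The first call rejects a valid value because of the leftover ERANGE, which is the false positive described above; the endptr-only call accepts an overflowing value clamped to LONG_MAX.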
