From: tobias
Date: Sat, 13 Dec 2014 10:26:48 +0000 (+0000)
Subject: Properly validate ranges:
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=64bd8781b5f5f1d5cd86e3d34ce0289a4f4d087b;p=openbsd
Properly validate ranges:
- avoid out of boundary access on very short program names
- fix compiler warning when converting values between 0 and INT_MAX
ok deraadt, millert
---
diff --git a/bin/chmod/chmod.c b/bin/chmod/chmod.c
index 935cf4dce91..4e5872421d0 100644
--- a/bin/chmod/chmod.c
+++ b/bin/chmod/chmod.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: chmod.c,v 1.31 2014/10/06 17:37:34 schwarze Exp $ */
+/* $OpenBSD: chmod.c,v 1.32 2014/12/13 10:26:48 tobias Exp $ */
 /* $NetBSD: chmod.c,v 1.12 1995/03/21 09:02:09 cgd Exp $ */
 /*
@@ -58,7 +58,7 @@ main(int argc, char *argv[])
 FTS *ftsp;
 FTSENT *p;
 void *set;
- long val;
+ unsigned long val;
 int oct;
 mode_t omode;
 int Hflag, Lflag, Rflag, ch, fflag, fts_options, hflag, rval;
@@ -69,10 +69,12 @@ main(int argc, char *argv[])
 setlocale(LC_ALL, "");
- ischown = __progname[2] == 'o';
- ischgrp = __progname[2] == 'g';
- ischmod = __progname[2] == 'm';
- ischflags = __progname[2] == 'f';
+ if (strlen(__progname) > 2) {
+ ischown = __progname[2] == 'o';
+ ischgrp = __progname[2] == 'g';
+ ischmod = __progname[2] == 'm';
+ ischflags = __progname[2] == 'f';
+ }
 uid = (uid_t)-1;
 gid = (gid_t)-1;
@@ -171,8 +173,8 @@ done:
 mode = *argv;
 if (*mode >= '0' && *mode <= '7') {
 errno = 0;
- val = strtol(mode, &ep, 8);
- if (val > INT_MAX || val < 0)
+ val = strtoul(mode, &ep, 8);
+ if (val > INT_MAX)
 errno = ERANGE;
 if (errno)
 err(1, "invalid file mode: %s", mode);
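Review bot: When `__progname` is two characters or shorter, the `@@ -69,10 +69,12 @@` hunk now skips all four assignments and main() carries on with none of ischown, ischgrp, ischmod or ischflags chosen, and nothing in the hunk says whether that is intended. Their declarations are outside the hunk; if they are file-scope they stay zero, so the out-of-bounds read is gone but the program runs with no personality selected. Since `__progname` is derived from argv[0], which the invoking process chooses, I would fail closed with `else errx(1, "unrecognized program name: %s", __progname);` and record the reason above the test, e.g. `/* __progname comes from argv[0], which the caller controls; check its length before indexing */`. main() starts and ends outside this hunk.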
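Review bot: The bound in `if (val > INT_MAX)` (hunk `@@ -171,8 +173,8 @@`) is far wider than any file mode, so an octal argument with bits above the permission mask still passes this check; it only guards the later narrowing of `val`. Whether such a value is masked or rejected afterwards, and whether `ep` is tested for trailing characters, happens after the hunk and cannot be confirmed from here. If nothing downstream rejects the extra bits, consider `if (val > ALLPERMS)` instead, after confirming that this does not refuse inputs the tool is expected to accept. A short comment would also help the next reader: `/* first character is 0-7, so strtoul() never sees a sign or leading whitespace */`, because that leading-character test is the only thing that keeps strtoul() from silently negating a "-" prefixed value.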