revisit some calls of strtol(), stroul(), strtoull()
Replace some with atoi(), where the VTY has already validated correct
range of the argument.
Replace others with the new osmo_str_to_int() or osmo_str_to_int64()
functions, possibly covering more detection of invalid number strings.
Leave those strtol() callers that depend on endptr to provide the next
string token.
Related: SYS#5542
Change-Id: I0ebb06e751c28f7d1cdf328de29cd227a2449391
diff --git a/src/vty/cpu_sched_vty.c b/src/vty/cpu_sched_vty.c
index 4ccc627..0b4b249 100644
--- a/src/vty/cpu_sched_vty.c
+++ b/src/vty/cpu_sched_vty.c
@@ -276,7 +276,6 @@
static enum sched_vty_thread_id procname2pid(pid_t *res_pid, const char *str, bool applynow)
{
size_t i, len;
- char *end;
bool is_pid = true;
if (strcmp(str, "all") == 0) {
@@ -297,12 +296,12 @@
}
}
if (is_pid) {
- errno = 0;
- *res_pid = strtoul(str, &end, 0);
- if ((errno == ERANGE && *res_pid == ULONG_MAX) || (errno && !*res_pid) ||
- str == end) {
+ int64_t val;
+ if (osmo_str_to_int64(&val, str, 0, 0, INT64_MAX))
return SCHED_VTY_THREAD_UNKNOWN;
- }
+ *res_pid = (pid_t)val;
+ if (*res_pid != val)
+ return SCHED_VTY_THREAD_UNKNOWN;
if (!applynow || proc_tid_exists(*res_pid))
return SCHED_VTY_THREAD_ID;
else