aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNRK <nrk@disroot.org>2022-09-14 06:58:41 +0200
committerNRK <nrk@disroot.org>2022-09-14 06:58:41 +0200
commitdaee34477a87f7eb97aa537577a48ddcf5a7d30b (patch)
treea3e7416150cfd6094c5de7793428f6b856da6d5b
parente356add07c6246b8a27a5d193e2e89da4afee6ad (diff)
downloadnsxiv-daee34477a87f7eb97aa537577a48ddcf5a7d30b.tar.zst
fix potential truncation of cli arguments (#367)
strtol() returns a `long`, but we're storing the result in an `int` which might end up getting truncated. change `n` to `long` and guard against >INT_MAX arguments in cases where it matters. use a float for storing argument of `-S` change `opt.slideshow` to `unsigned` similar to `img.ss.delay` Co-authored-by: Berke Kocaoğlu <berke.kocaoglu@metu.edu.tr> Reviewed-on: https://codeberg.org/nsxiv/nsxiv/pulls/367 Reviewed-by: Berke Kocaoğlu <berke.kocaoglu@metu.edu.tr> Reviewed-by: explosion-mental <explosion-mental@noreply.codeberg.org>
-rw-r--r--nsxiv.h2
-rw-r--r--options.c15
2 files changed, 9 insertions, 8 deletions
diff --git a/nsxiv.h b/nsxiv.h
index 2dc1783..7bf7e25 100644
--- a/nsxiv.h
+++ b/nsxiv.h
@@ -239,7 +239,7 @@ struct opt {
bool animate;
bool anti_alias;
int gamma;
- int slideshow;
+ unsigned int slideshow;
int framerate;
/* window: */
diff --git a/options.c b/options.c
index 3999e98..29c7c54 100644
--- a/options.c
+++ b/options.c
@@ -98,7 +98,8 @@ void parse_options(int argc, char **argv)
{ 0 }, /* end */
};
- int n, opt;
+ long n, opt;
+ float f;
char *end, *s;
struct optparse op;
const char scalemodes[] = "dfFwh"; /* must be sorted according to scalemode_t */
@@ -148,7 +149,7 @@ void parse_options(int argc, char **argv)
exit(EXIT_FAILURE);
case 'A':
n = strtol(op.optarg, &end, 0);
- if (*end != '\0' || n <= 0)
+ if (*end != '\0' || n <= 0 || n > INT_MAX)
error(EXIT_FAILURE, 0, "Invalid argument for option -A: %s", op.optarg);
_options.framerate = n;
/* fall through */
@@ -172,7 +173,7 @@ void parse_options(int argc, char **argv)
break;
case 'G':
n = strtol(op.optarg, &end, 0);
- if (*end != '\0')
+ if (*end != '\0' || n < INT_MIN || n > INT_MAX)
error(EXIT_FAILURE, 0, "Invalid argument for option -G: %s", op.optarg);
_options.gamma = n;
break;
@@ -187,7 +188,7 @@ void parse_options(int argc, char **argv)
break;
case 'n':
n = strtol(op.optarg, &end, 0);
- if (*end != '\0' || n <= 0)
+ if (*end != '\0' || n <= 0 || n > INT_MAX)
error(EXIT_FAILURE, 0, "Invalid argument for option -n: %s", op.optarg);
_options.startnum = n - 1;
break;
@@ -207,10 +208,10 @@ void parse_options(int argc, char **argv)
_options.recursive = true;
break;
case 'S':
- n = strtof(op.optarg, &end) * 10;
- if (*end != '\0' || n <= 0)
+ f = strtof(op.optarg, &end) * 10.0f;
+ if (*end != '\0' || f <= 0 || f >= (float)UINT_MAX)
error(EXIT_FAILURE, 0, "Invalid argument for option -S: %s", op.optarg);
- _options.slideshow = n;
+ _options.slideshow = (unsigned int)f;
break;
case 's':
s = strchr(scalemodes, op.optarg[0]);