/src/sudo/lib/util/strtonum.c

Source (jump to first uncovered line)
/*
 * SPDX-License-Identifier: ISC
 *
 * Copyright (c) 2013-2015, 2019-2020 Todd C. Miller <Todd.Miller@sudo.ws>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * This is an open source non-commercial project. Dear PVS-Studio, please check it.
 * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
 */

#include <config.h>

#include <ctype.h>
#include <errno.h>

#include "sudo_compat.h"
#include "sudo_gettext.h"
#include "sudo_util.h"

enum strtonum_err {
    STN_INITIAL,
    STN_VALID,
    STN_INVALID,
    STN_TOOSMALL,
    STN_TOOBIG
};

/*
 * Convert a string to a number in the range [minval, maxval]
 * Unlike strtonum(), this returns the first non-digit in endp (if not NULL).
 */
long long
sudo_strtonumx(const char *str, long long minval, long long maxval, char **endp,
    const char **errstrp)
{
    enum strtonum_err errval = STN_INITIAL;
    long long lastval, result = 0;
    const char *cp = str;
    unsigned char ch;
    int remainder;
    char sign;

    if (minval > maxval) {
  errval = STN_INVALID;
  goto done;
    }

    /* Trim leading space and check sign, if any. */
    do {
  ch = *cp++;
    } while (isspace(ch));
    switch (ch) {
    case '-':
  sign = '-';
  ch = *cp++;
  break;
    case '+':
  ch = *cp++;
  FALLTHROUGH;
    default:
  sign = '+';
  break;
    }

    /*
     * To prevent overflow we determine the highest (or lowest in
     * the case of negative numbers) value result can have *before*
     * if its multiplied (divided) by 10 as well as the remainder.
     * If result matches this value and the next digit is larger than
     * the remainder, we know the result is out of range.
     * The remainder is always positive since it is compared against
     * an unsigned digit.
     */
    if (sign == '-') {
  lastval = minval / 10;
  remainder = -(minval % 10);
  if (remainder < 0) {
      lastval += 1;
      remainder += 10;
  }
  for (;; ch = *cp++) {
      if (!isdigit(ch))
    break;
      ch -= '0';
      if (result < lastval || (result == lastval && ch > remainder)) {
    /* Skip remaining digits. */
    do {
        ch = *cp++;
    } while (isdigit(ch));
    errval = STN_TOOSMALL;
    break;
      } else {
    result *= 10;
    result -= ch;
    errval = STN_VALID;
      }
  }
  if (result > maxval)
      errval = STN_TOOBIG;
    } else {
  lastval = maxval / 10;
  remainder = maxval % 10;
  for (;; ch = *cp++) {
      if (!isdigit(ch))
    break;
      ch -= '0';
      if (result > lastval || (result == lastval && ch > remainder)) {
    /* Skip remaining digits. */
    do {
        ch = *cp++;
    } while (isdigit(ch));
    errval = STN_TOOBIG;
    break;
      } else {
    result *= 10;
    result += ch;
    errval = STN_VALID;
      }
  }
  if (result < minval)
      errval = STN_TOOSMALL;
    }

done:
    switch (errval) {
    case STN_INITIAL:
    case STN_VALID:
  if (errstrp != NULL)
      *errstrp = NULL;
  break;
    case STN_INVALID:
  result = 0;
  errno = EINVAL;
  if (errstrp != NULL)
      *errstrp = N_("invalid value");
  break;
    case STN_TOOSMALL:
  result = 0;
  errno = ERANGE;
  if (errstrp != NULL)
      *errstrp = N_("value too small");
  break;
    case STN_TOOBIG:
  result = 0;
  errno = ERANGE;
  if (errstrp != NULL)
      *errstrp = N_("value too large");
  break;
    }
    if (endp != NULL) {
  if (errval == STN_INITIAL || errval == STN_INVALID)
      *endp = (char *)str;
  else
      *endp = (char *)(cp - 1);
    }
    return result;
}

/*
 * Convert a string to a number in the range [minval, maxval]
 */
long long
sudo_strtonum(const char *str, long long minval, long long maxval,
    const char **errstrp)
{
    const char *errstr;
    char *ep;
    long long ret;

    ret = sudo_strtonumx(str, minval, maxval, &ep, &errstr);
    /* Check for empty string and terminating NUL. */
    if (str == ep || *ep != '\0') {
  errno = EINVAL;
  errstr = N_("invalid value");
  ret = 0;
    }
    if (errstrp != NULL)
  *errstrp = errstr;
    return ret;
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* SPDX-License-Identifier: ISC
3		*
4		* Copyright (c) 2013-2015, 2019-2020 Todd C. Miller <Todd.Miller@sudo.ws>
5		*
6		* Permission to use, copy, modify, and distribute this software for any
7		* purpose with or without fee is hereby granted, provided that the above
8		* copyright notice and this permission notice appear in all copies.
9		*
10		* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11		* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12		* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13		* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14		* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15		* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16		* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17		*/
18
19		/*
20		* This is an open source non-commercial project. Dear PVS-Studio, please check it.
21		* PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
22		*/
23
24		#include <config.h>
25
26		#include <ctype.h>
27		#include <errno.h>
28
29		#include "sudo_compat.h"
30		#include "sudo_gettext.h"
31		#include "sudo_util.h"
32
33		enum strtonum_err {
34		STN_INITIAL,
35		STN_VALID,
36		STN_INVALID,
37		STN_TOOSMALL,
38		STN_TOOBIG
39		};
40
41		/*
42		* Convert a string to a number in the range [minval, maxval]
43		* Unlike strtonum(), this returns the first non-digit in endp (if not NULL).
44		*/
45		long long
46		sudo_strtonumx(const char str, long long minval, long long maxval, char *endp,
47		const char **errstrp)
48	7.15k	{
49	7.15k	enum strtonum_err errval = STN_INITIAL;
50	7.15k	long long lastval, result = 0;
51	7.15k	const char *cp = str;
52	7.15k	unsigned char ch;
53	7.15k	int remainder;
54	7.15k	char sign;
55
56	7.15k	if (minval > maxval) {
57	0	errval = STN_INVALID;
58	0	goto done;
59	0	}
60
61		/* Trim leading space and check sign, if any. */
62	7.15k	do {
63	7.15k	ch = *cp++;
64	7.15k	} while (isspace(ch));
65	7.15k	switch (ch) {
66	905	case '-':
67	905	sign = '-';
68	905	ch = *cp++;
69	905	break;
70	195	case '+':
71	195	ch = *cp++;
72	195	FALLTHROUGH;
73	6.24k	default:
74	6.24k	sign = '+';
75	6.24k	break;
76	7.15k	}
77
78		/*
79		* To prevent overflow we determine the highest (or lowest in
80		* the case of negative numbers) value result can have before
81		* if its multiplied (divided) by 10 as well as the remainder.
82		* If result matches this value and the next digit is larger than
83		* the remainder, we know the result is out of range.
84		* The remainder is always positive since it is compared against
85		* an unsigned digit.
86		*/
87	7.15k	if (sign == '-') {
88	905	lastval = minval / 10;
89	905	remainder = -(minval % 10);
90	905	if (remainder < 0) {
91	0	lastval += 1;
92	0	remainder += 10;
93	0	}
94	10.1k	for (;; ch = *cp++) {
95	10.1k	if (!isdigit(ch))
96	883	break;
97	9.29k	ch -= '0';
98	9.29k	if (result < lastval \|\| (result == lastval && ch > remainder)) {
99		/* Skip remaining digits. */
100	5.70k	do {
101	5.70k	ch = *cp++;
102	5.70k	} while (isdigit(ch));
103	22	errval = STN_TOOSMALL;
104	22	break;
105	9.27k	} else {
106	9.27k	result *= 10;
107	9.27k	result -= ch;
108	9.27k	errval = STN_VALID;
109	9.27k	}
110	9.29k	}
111	905	if (result > maxval)
112	0	errval = STN_TOOBIG;
113	6.24k	} else {
114	6.24k	lastval = maxval / 10;
115	6.24k	remainder = maxval % 10;
116	21.0k	for (;; ch = *cp++) {
117	21.0k	if (!isdigit(ch))
118	6.16k	break;
119	14.9k	ch -= '0';
120	14.9k	if (result > lastval \|\| (result == lastval && ch > remainder)) {
121		/* Skip remaining digits. */
122	4.81k	do {
123	4.81k	ch = *cp++;
124	4.81k	} while (isdigit(ch));
125	79	errval = STN_TOOBIG;
126	79	break;
127	14.8k	} else {
128	14.8k	result *= 10;
129	14.8k	result += ch;
130	14.8k	errval = STN_VALID;
131	14.8k	}
132	14.9k	}
133	6.24k	if (result < minval)
134	0	errval = STN_TOOSMALL;
135	6.24k	}
136
137	7.15k	done:
138	7.15k	switch (errval) {
139	17	case STN_INITIAL:
140	7.05k	case STN_VALID:
141	7.05k	if (errstrp != NULL)
142	7.05k	*errstrp = NULL;
143	7.05k	break;
144	0	case STN_INVALID:
145	0	result = 0;
146	0	errno = EINVAL;
147	0	if (errstrp != NULL)
148	0	*errstrp = N_("invalid value");
149	0	break;
150	22	case STN_TOOSMALL:
151	22	result = 0;
152	22	errno = ERANGE;
153	22	if (errstrp != NULL)
154	22	*errstrp = N_("value too small");
155	22	break;
156	79	case STN_TOOBIG:
157	79	result = 0;
158	79	errno = ERANGE;
159	79	if (errstrp != NULL)
160	79	*errstrp = N_("value too large");
161	79	break;
162	7.15k	}
163	7.15k	if (endp != NULL) {
164	7.15k	if (errval == STN_INITIAL \|\| errval == STN_INVALID)
165	17	endp = (char )str;
166	7.13k	else
167	7.13k	endp = (char )(cp - 1);
168	7.15k	}
169	7.15k	return result;
170	7.15k	}
171
172		/*
173		* Convert a string to a number in the range [minval, maxval]
174		*/
175		long long
176		sudo_strtonum(const char *str, long long minval, long long maxval,
177		const char **errstrp)
178	7.15k	{
179	7.15k	const char *errstr;
180	7.15k	char *ep;
181	7.15k	long long ret;
182
183	7.15k	ret = sudo_strtonumx(str, minval, maxval, &ep, &errstr);
184		/* Check for empty string and terminating NUL. */
185	7.15k	if (str == ep \|\| *ep != '\0') {
186	37	errno = EINVAL;
187	37	errstr = N_("invalid value");
188	37	ret = 0;
189	37	}
190	7.15k	if (errstrp != NULL)
191	7.15k	*errstrp = errstr;
192	7.15k	return ret;
193	7.15k	}

Coverage Report

Created: 2023-06-07 06:46