diff options
| author | Nathan Kinder <nkinder@redhat.com> | 2006-02-15 00:26:19 +0000 |
|---|---|---|
| committer | Nathan Kinder <nkinder@redhat.com> | 2006-02-15 00:26:19 +0000 |
| commit | 92a9ca8975f64a89e5b1dfe569dce38b0ffb5f25 (patch) | |
| tree | ff5c6b9eba3e5e3e3a65cc150dc1ec57d33a22d5 /include | |
| parent | b11594f6acfc8a2003e079905c9bdb74a8e035a2 (diff) | |
Bug(s) fixed: 181032
Bug Description: Most of our integer based config parameters do not do a good job
validating input. For example, alphabetic characters will be accepted as a value
if "0" is a valid setting for a given parameter since atoi returns "0" on error. We
also don't properly check for range errors for many parameters.
Reviewed by: Rich, Pete, and Noriko (Thanks!)
Files: ldapserver/ldap/servers/slapd/libglobs.c
Branch: HEAD
Fix Description: This adds better input validation for a number of integer based config
settings. I replaced our usage of atoi() with strtol() so we can recognize
conversion errors. I also added more descriptive error strings where they were
missing. I revised the fix due to feedback from Noriko. She recommended that
we check for ERANGE areas for all calls to strtol insead of only checking when
LONG_MAX is a valid setting for a config parameter.
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions