diff options
author | Karel Klic <kklic@redhat.com> | 2010-05-06 14:17:36 +0200 |
---|---|---|
committer | Karel Klic <kklic@redhat.com> | 2010-05-06 14:17:36 +0200 |
commit | 07e9179379f8e0c6d384a1fe10b155ce0fcf8cef (patch) | |
tree | 8f1d8004c83c477ef952013e0cdf184012192a34 /src | |
parent | a58bf7f5f8de73d62deac92a81fb7f0b077afaed (diff) | |
download | abrt-07e9179379f8e0c6d384a1fe10b155ce0fcf8cef.tar.gz abrt-07e9179379f8e0c6d384a1fe10b155ce0fcf8cef.tar.xz abrt-07e9179379f8e0c6d384a1fe10b155ce0fcf8cef.zip |
Do not die when /var/cache/abrt/*/uid does not contain a number (rhbz#580899)
Diffstat (limited to 'src')
-rw-r--r-- | src/Daemon/MiddleWare.cpp | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/Daemon/MiddleWare.cpp b/src/Daemon/MiddleWare.cpp index 4f9a7058..33052de1 100644 --- a/src/Daemon/MiddleWare.cpp +++ b/src/Daemon/MiddleWare.cpp @@ -937,7 +937,19 @@ mw_result_t SaveDebugDump(const char *pDebugDumpDir, return MW_ERROR; } - if (IsDebugDumpSaved(xatou(UID.c_str()), pDebugDumpDir)) + /* Convert UID string to number uid_num. The UID string can be modified by user or + wrongly saved (empty or non-numeric), so xatou() cannot be used here, + because it would kill the daemon. */ + char *endptr; + errno = 0; + unsigned long uid_num = strtoul(UID.c_str(), &endptr, 10); + if (errno || UID.c_str() == endptr || *endptr != '\0' || uid_num > UINT_MAX) + { + error_msg("Invalid UID '%s' loaded from %s", UID.c_str(), pDebugDumpDir); + return MW_ERROR; + } + + if (IsDebugDumpSaved(uid_num, pDebugDumpDir)) { return MW_IN_DB; } |