hmp: expr_unary(): check for overflow in strtoul()/strtoull()

It's not checked currently, so something like: (qemu) balloon -100000000000001111114334234 (qemu) Will just "work" (in this case the balloon command will get a random value). Fix it by checking if strtoul()/strtoull() overflowed. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2012-04-26 16:48:41 -03:00 · 2012-04-26 16:48:41 -03:00 · 6b0e33be88
parent 9abc62f644
commit 6b0e33be88
1 changed files with 4 additions and 0 deletions
--- a/monitor.c
+++ b/monitor.c
@ -3120,11 +3120,15 @@ static int64_t expr_unary(Monitor *mon)
        n = 0;
        break;
    default:
+        errno = 0;
 #if TARGET_PHYS_ADDR_BITS > 32
        n = strtoull(pch, &p, 0);
 #else
        n = strtoul(pch, &p, 0);
 #endif
+        if (errno == ERANGE) {
+            expr_error(mon, "number too large");
+        }
        if (pch == p) {
            expr_error(mon, "invalid char in expression");
        }