<<< Date Index >>>     <<< Thread Index >>>

[Mutt] #3145: atoi() is not safe (undefined behavior if value is not representable)



#3145: atoi() is not safe (undefined behavior if value is not representable)
--------------------+-------------------------------------------------------
 Reporter:  vinc17  |       Owner:  mutt-dev
     Type:  defect  |      Status:  new     
 Priority:  major   |   Milestone:          
Component:  mutt    |     Version:  1.5.18  
 Keywords:          |  
--------------------+-------------------------------------------------------
 Mutt uses the standard atoi() function in some number of places. But this
 function can have undefined behavior in case of error, e.g. if the value
 cannot be represented:

   7.20.1  String conversion functions

   [1]  The  functions  atof,  atoi,  atol,  and atoll need not
   affect the value of  the  integer  expression  errno  on  an
   error.   If  the  value of the result cannot be represented,
   the behavior is undefined.

 atoi may be safe in some cases, but this is not documented. Sometimes it
 isn't at all (e.g. in smtp.c), with a possible security problem. strtol
 should be used instead, with proper error checking, to avoid things like
 memory corruption, crashes and so on.

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/3145>
Mutt <http://www.mutt.org/>
The Mutt mail user agent