[PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and... | git

[PATCH 0/3] R atoi · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-12
[PATCH 1/3] t3404: avoid losing exit status with focus on `git show` and `git cat-file` · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-12
Re: [PATCH 1/3] t3404: avoid losing exit status with focus on `git show` and `git cat-file` · Taylor Blau <hidden> · 2024-10-14
[PATCH 2/3] t3404: replace test with test_line_count() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-12
Re: [PATCH 2/3] t3404: replace test with test_line_count() · Taylor Blau <hidden> · 2024-10-14
[PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-12
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-13
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Phillip Wood <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Patrick Steinhardt <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Phillip Wood <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Patrick Steinhardt <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Phillip Wood <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-15
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-15
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-16
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · <hidden> · 2024-10-15
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Phillip Wood <hidden> · 2024-10-16
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-16
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-17
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Patrick Steinhardt <hidden> · 2024-10-17
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-17
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Phillip Wood <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Kristoffer Haugsbakk <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Phillip Wood <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · <hidden> · 2024-10-14
Re: [PATCH 3/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-17
[PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-18
[PATCH v2 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-18
Re: [PATCH v2 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Patrick Steinhardt <hidden> · 2024-10-21
Re: [PATCH v2 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-21
Re: [PATCH v2 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-21
[PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-18
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Patrick Steinhardt <hidden> · 2024-10-21
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Taylor Blau <hidden> · 2024-10-21
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Taylor Blau <hidden> · 2024-10-21
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Phillip Wood <hidden> · 2024-10-30
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-10-30
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Phillip Wood <hidden> · 2024-10-31
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-10-31
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-11-06
Re: [PATCH v2 2/3] merge: replace atoi() with strtol_i() for marker size validation · <hidden> · 2024-11-06
[PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-18
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Patrick Steinhardt <hidden> · 2024-10-21
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Patrick Steinhardt <hidden> · 2024-10-21
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Taylor Blau <hidden> · 2024-10-21
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi <hidden> · 2024-10-21
Re: [PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi <hidden> · 2024-10-22
Re: [PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-18
Re: [PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-18
Re: [PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-18
Re: [PATCH v2 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-18
[PATCH v3 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
[PATCH v3 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
Re: [PATCH v3 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-22
Re: [PATCH v3 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-22
[PATCH v3 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
[PATCH v3 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
[PATCH v4 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
[PATCH v4 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
[PATCH v4 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
[PATCH v4 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-22
Re: [PATCH v4 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Patrick Steinhardt <hidden> · 2024-10-23
Re: [PATCH v4 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi <hidden> · 2024-10-23
[PATCH v5 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-23
[PATCH v5 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-23
Re: [PATCH v5 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-23
Re: [PATCH v5 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-24
[PATCH v5 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-23
Re: [PATCH v5 2/3] merge: replace atoi() with strtol_i() for marker size validation · Taylor Blau <hidden> · 2024-10-23
Re: [PATCH v5 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi <hidden> · 2024-10-24
[PATCH v5 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-23
Re: [PATCH v5 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Patrick Steinhardt <hidden> · 2024-10-23
Re: [PATCH v5 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-23
Re: [PATCH v5 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-24
[PATCH v6 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-24
[PATCH v6 1/3] daemon: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-24
[PATCH v6 2/3] merge: replace atoi() with strtol_i() for marker size validation · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-24
[PATCH v6 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing · Usman Akinyemi via GitGitGadget <hidden> · 2024-10-24
Re: [PATCH v6 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-24
Re: [PATCH v6 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Patrick Steinhardt <hidden> · 2024-10-25
Re: [PATCH v6 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Usman Akinyemi <hidden> · 2024-10-25
Re: [PATCH v6 0/3] parse: replace atoi() with strtoul_ui() and strtol_i() · Taylor Blau <hidden> · 2024-10-25

STALE592d

[PATCH v2 3/3] imap: replace atoi() with strtol_i() for UIDVALIDITY and UIDNEXT parsing

From: Usman Akinyemi via GitGitGadget <hidden>
Date: 2024-10-18 13:53:05
Subsystem: the rest · Maintainer: Linus Torvalds

From: Usman Akinyemi <redacted>

Replaced unsafe uses of atoi() with strtol_i() to improve error handling
when parsing UIDVALIDITY, UIDNEXT, and APPENDUID in IMAP commands.
Invalid values, such as those with letters,
now trigger error messages and prevent malformed status responses.

Signed-off-by: Usman Akinyemi <redacted>
---
 imap-send.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/imap-send.c b/imap-send.c
index ec68a066877..8214df128e5 100644
--- a/imap-send.c
+++ b/imap-send.c

@@ -668,12 +668,12 @@ static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
 		return RESP_BAD;
 	}
 	if (!strcmp("UIDVALIDITY", arg)) {
-		if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg))) {
+		if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity) {
 			fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
 			return RESP_BAD;
 		}
 	} else if (!strcmp("UIDNEXT", arg)) {
-		if (!(arg = next_arg(&s)) || !(imap->uidnext = atoi(arg))) {
+		if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &imap->uidnext) || !imap->uidnext) {
 			fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
 			return RESP_BAD;
 		}

@@ -686,8 +686,8 @@ static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
 		for (; isspace((unsigned char)*p); p++);
 		fprintf(stderr, "*** IMAP ALERT *** %s\n", p);
 	} else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
-		if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg)) ||
-		    !(arg = next_arg(&s)) || !(*(int *)cb->ctx = atoi(arg))) {
+		if (!(arg = next_arg(&s)) || (strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity) ||
+			!(arg = next_arg(&s)) || (strtol_i(arg, 10, (int *)cb->ctx) || !cb->ctx)) {
 			fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
 			return RESP_BAD;
 		}

@@ -773,7 +773,10 @@ static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd)
 			if (!tcmd)
 				return DRV_OK;
 		} else {
-			tag = atoi(arg);
+			if (strtol_i(arg, 10, &tag)) {
+				fprintf(stderr, "IMAP error: malformed tag %s\n", arg);
+				return RESP_BAD;
+			}
 			for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
 				if (cmdp->tag == tag)
 					goto gottag;

-- 
gitgitgadget

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help