changeset 908:a9b97b811b8a

pidfile: Correctly detect overflow when parsing pid Previously the return value of strtol was stored in pid_t and then compared against LONG_MAX. However, on 64bit linux at least, pid_t is a signed entity that is not longer than long, so this comparison always fails. Furthermore the call to strtol() allows for negative pid values which are not desirable to be passed to kill() in this context. Correct these problems by * Using strtoul() instead of strtol(). * Save the return value of strtoul() in a variable of type long, the type returned by strtoul() and compare this against LONG_MAX for overflow in the strtoul() call. * Compare this value with itself cast to pid_t to detect if the value is too long to be passed to kill() Signed-off-by: Simon Horman <horms@verge.net.au>
author Simon Horman <horms@verge.net.au>
date Wed, 07 Aug 2013 14:40:48 +0900
parents cdf5ab1278e9
children dfbd5973e7b9
files perdition/perdition.c
diffstat 1 files changed, 10 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/perdition/perdition.c	Wed Aug 07 14:15:23 2013 +0900
+++ b/perdition/perdition.c	Wed Aug 07 14:40:48 2013 +0900
@@ -1309,7 +1309,7 @@
 
 	int     pidfilefd;
 	char    pidbuf[11];
-	pid_t   pid;
+	unsigned long	pid;
 	ssize_t  bytes;
 
 	if (create_pid_directory(pidfilename, username, group) < 0) {
@@ -1366,14 +1366,21 @@
 			return -1;
 		}
 
-		pid = strtol(pidbuf, NULL, 10);
-		if (pid == LONG_MAX && errno == ERANGE) {
+		pid = strtoul(pidbuf, NULL, 10);
+		if (pid == ULONG_MAX && errno == ERANGE) {
 			VANESSA_LOGGER_DEBUG_UNSAFE("Invalid pid in pid-file "
 	 				"[%s]: %s", pidfilename, 
 					strerror(errno));
 			return -1;
 		}
 
+		if ((long)pid != (pid_t)pid) {
+			VANESSA_LOGGER_DEBUG_UNSAFE("Invalid pid in pid-file "
+	 				"[%s]: larger than maximum pid",
+					pidfilename);
+			return -1;
+		}
+
 		if (!kill(pid, 0)) {
 			VANESSA_LOGGER_ERR_UNSAFE("Fatal error: "
 					"Pid file [%s] exists for "