From: Nikodemus Siivola Date: Sun, 10 Apr 2011 13:08:52 +0000 (+0000) Subject: 1.0.47.22: better --dynamic-space-size argument validation X-Git-Url: http://repo.macrolet.net/gitweb/?a=commitdiff_plain;h=796f8af2cc2b3876b82f638e75b1ceaffedf226d;p=sbcl.git 1.0.47.22: better --dynamic-space-size argument validation Based on patch by Roman Marynchak, lp#721457. 1. Check for trailing junk, in case of someone trying to use eg. --dynamic-space-size 1Gb. 2. Check the range before converting to bytes to avoid weirdness. --- diff --git a/NEWS b/NEWS index dabff33..5a652f0 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,8 @@ changes relative to sbcl-1.0.47: optimization. (regression from 1.0.45.18/1.0.46.15) * bug fix: package locks did not protects against compile-time side-effects of DEFUN. (lp#675584) + * bug fix: --dynamic-space-size argument is validated more carefully. + (lp#721457) changes in sbcl-1.0.47 relative to sbcl-1.0.46: * bug fix: fix mach port rights leaks in mach exception handling code on diff --git a/src/runtime/runtime.c b/src/runtime/runtime.c index d03cd8d..4c1ea71 100644 --- a/src/runtime/runtime.c +++ b/src/runtime/runtime.c 
@@ -394,16 +394,23 @@ main(int argc, char *argv[], char *envp[]) ++argi; if (argi >= argc) lose("missing argument for --dynamic-space-size"); - errno = 0; - dynamic_space_size = strtol(argv[argi++], 0, 0) << 20; - if (errno) - lose("argument to --dynamic-space-size is not a number"); + { + char *tail; + long tmp = strtol(argv[argi++], &tail, 0); + if (tail[0]) + lose("--dynamic-space-size argument is not a number"); + if ((tmp <= 0) || + (tmp >= (LONG_MAX >> 20))) { + lose("--dynamic-space-size argument is out of range"); + } + dynamic_space_size = tmp << 20; + } # ifdef MAX_DYNAMIC_SPACE_END if (!((DYNAMIC_SPACE_START < DYNAMIC_SPACE_START+dynamic_space_size) && (DYNAMIC_SPACE_START+dynamic_space_size <= MAX_DYNAMIC_SPACE_END))) - lose("specified --dynamic-space-size too large"); + lose("--dynamic-space-size argument is too large"); # endif } else if (0 == strcmp(arg, "--control-stack-size")) { ++argi; diff --git a/version.lisp-expr b/version.lisp-expr index f75dc23..1aa75b7 100644 --- a/version.lisp-expr +++ b/version.lisp-expr @@ -20,4 +20,4 @@ ;;; checkins which aren't released. (And occasionally for internal ;;; versions, especially for internal versions off the main CVS ;;; branch, it gets hairier, e.g. "0.pre7.14.flaky4.13".) -"1.0.47.21" +"1.0.47.22"
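Review bot: In the new `--dynamic-space-size` block, `if (tail[0])` does not catch the case where strtol() consumed no characters at all: for an empty argument `tail` points at the terminating NUL, so the value 0 falls through and is rejected only incidentally by `tmp <= 0`, with the misleading `out of range` message. Keeping the argument pointer and testing `if (tail == s || tail[0])`, with `char *s = argv[argi++];` placed before the strtol() call, would make the not-a-number check complete without relying on the range check. The upper bound `LONG_MAX >> 20` is derived from `long` rather than from the type of `dynamic_space_size`, whose declaration is not visible in this hunk; if that type is narrower than `long` the shifted value could still be truncated on assignment, so a short comment stating the assumed type would help. The enclosing `main` starts and ends outside the hunk.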