authorDeokhyun Kim <dukan.kim@samsung.com>2018-03-02 19:52:48 +0900
committerDeokhyun Kim <dukan.kim@samsung.com>2018-03-02 19:52:48 +0900
commit79defe5e3e9539ceec3ed0137d10af4c0361f5d5 (patch)
tree7142d8a2e22f1146c9fe81d94b88630353495c23
parentb7b16a2e9234032b501af2ea27c21c14f2b33191 (diff)
Use strtoul instead of strtol to prevent overflow.
Change-Id: Iec6735db888f9c9ce4f5ef650381608f08953ca7 Signed-off-by: Deokhyun Kim <dukan.kim@samsung.com>
-rw-r--r--src/bluetooth-adapter.c20
1 files changed, 9 insertions, 11 deletions
diff --git a/src/bluetooth-adapter.c b/src/bluetooth-adapter.c
index 91289f9..0fd3b5b 100644
--- a/src/bluetooth-adapter.c
+++ b/src/bluetooth-adapter.c
@@ -1825,10 +1825,9 @@ static int __bt_convert_string_to_uuid(const char *string,
if (strlen(string) == 4) { /* 16 bit uuid */
unsigned short val;
- char *stop;
- data = g_malloc0(sizeof(char) *2);
+ data = g_malloc0(sizeof(char) * 2);
- val = strtol(string, &stop, 16);
+ val = (unsigned short)strtoul(string, NULL, 16);
val = htons(val);
memcpy(data, &val, 2);
*uuid = data;
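Review bot: Passing `NULL` as the end pointer on the `strtoul(string, NULL, 16)` line means a 4-character string that is not pure hex is still accepted, because strtoul skips leading whitespace, takes a sign or `0x` prefix, and stops silently at the first bad character. Constructed examples: `"12zz"` parses as 0x0012, and `"-001"` becomes 0xFFFF after the cast, so the resulting UUID is not what the caller wrote. Keep the end pointer and reject input that was not consumed in full, e.g. `unsigned long v = strtoul(string, &stop, 16);` followed by `if (stop != string + 4) { g_free(data); return <the function's invalid-parameter error>; }`, preferably after an `isxdigit()` check on each character. The same gap applies to the six conversions in the third hunk (`val0` to `val5`), where the `(unsigned short)` and `(unsigned int)` casts also truncate silently if a group is longer than expected. The function body starts and ends outside this hunk, so its existing error-return convention is not visible here.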
@@ -1843,12 +1842,11 @@ static int __bt_convert_string_to_uuid(const char *string,
char str_ptr[37] = { 0 };
char *ptr[7];
char *next_ptr;
- char *stop;
int idx = 0;
unsigned int val0, val4;
unsigned short val1, val2, val3, val5;
- data = g_malloc0(sizeof(char) *16);
+ data = g_malloc0(sizeof(char) * 16);
/* UUID format : %08x-%04hx-%04hx-%04hx-%08x%04hx */
strncpy(str_ptr, string, 36);
@@ -1866,12 +1864,12 @@ static int __bt_convert_string_to_uuid(const char *string,
strncpy(ptr[5], ptr[4], 8);
strncpy(ptr[6], ptr[4] + 8, 4);
- val0 = strtol(ptr[0], &stop, 16);
- val1 = strtol(ptr[1], &stop, 16);
- val2 = strtol(ptr[2], &stop, 16);
- val3 = strtol(ptr[3], &stop, 16);
- val4 = strtol(ptr[5], &stop, 16);
- val5 = strtol(ptr[6], &stop, 16);
+ val0 = (unsigned int)strtoul(ptr[0], NULL, 16);
+ val1 = (unsigned short)strtoul(ptr[1], NULL, 16);
+ val2 = (unsigned short)strtoul(ptr[2], NULL, 16);
+ val3 = (unsigned short)strtoul(ptr[3], NULL, 16);
+ val4 = (unsigned int)strtoul(ptr[5], NULL, 16);
+ val5 = (unsigned short)strtoul(ptr[6], NULL, 16);
val0 = htonl(val0);
val1 = htons(val1);
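Review bot: `strtoul(ptr[5], NULL, 16)` and `strtoul(ptr[6], NULL, 16)` read until the first non-hex byte, but the two `strncpy` calls directly above copy exactly 8 and 4 bytes and append no terminator when the source is at least that long. The parse is therefore bounded only if the destination buffers are one byte larger than the copy and zero-filled, which is decided outside this hunk. If that holds, a comment such as `/* ptr[5] and ptr[6] are zero-filled 9- and 5-byte buffers, so the copies stay NUL-terminated */` would make the invariant explicit; otherwise set `ptr[5][8] = '\0';` and `ptr[6][4] = '\0';` before converting. `ptr[4] + 8` also assumes the last group is 12 characters long, so a `strlen(ptr[4]) == 12` check before these copies is worth confirming in the part of the function not shown here.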