From a47b6461a15f74beac188483616126ed5e987f93 Mon Sep 17 00:00:00 2001
From: deraadt
Date: Sat, 18 Apr 2015 18:28:36 +0000
Subject: Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
---
 usr.sbin/sa/main.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
(limited to 'usr.sbin/sa')
diff --git a/usr.sbin/sa/main.c b/usr.sbin/sa/main.c
index f7c0f1c4f15..f64f03c7265 100644
--- a/usr.sbin/sa/main.c
+++ b/usr.sbin/sa/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.12 2013/11/24 01:06:19 deraadt Exp $ */
+/* $OpenBSD: main.c,v 1.13 2015/04/18 18:28:38 deraadt Exp $ */
 /*
 * Copyright (c) 1994 Christopher G. Demetriou
 * All rights reserved.
@@ -72,6 +72,7 @@ main(int argc, char **argv)
 {
 int ch;
 int error = 0;
+ const char *errstr;
 extern char *__progname;
 while ((ch = getopt(argc, argv, "abcdDfijkKlmnqrstuv:")) != -1)
@@ -156,7 +157,10 @@ main(int argc, char **argv)
 case 'v':
 /* cull junk */
 vflag = 1;
- cutoff = atoi(optarg);
+ /* XXX cutoff could be converted to quad_t? */
+ cutoff = strtonum(optarg, 1, INT_MAX, &errstr);
+ if (errstr)
+ errx(1, "-v $s: %s", optarg, errstr);
 break;
 case '?':
 default:
-- 
cgit v1.2.3-59-g8ed1b
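Review bot: In the `case 'v':` hunk the new errx() format string is `"-v $s: %s"`, where `$s` looks like a typo for `%s`. As written the only conversion consumes `optarg`, so the message prints a literal `$s` and the strtonum() reason in `errstr` is silently dropped; the line should read `errx(1, "-v %s: %s", optarg, errstr);`. Building with `-Wformat` (which includes the extra-arguments check) would have flagged the unused argument. The lower bound of 1 also rejects `-v 0` and negative values that atoi() used to accept, which deserves a mention if intended. The hunks do not show `<limits.h>` being included for `INT_MAX`, so confirm it is already pulled in; main() continues outside the hunk.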