From c3cf5b237d72c732df075f15af9555f9b9ed9b91 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 8 Nov 2023 16:15:01 -0500 Subject: [PATCH] undeploy: Parse integer more properly `atoi` doesn't offer any error checking. Closes: https://github.com/ostreedev/ostree/issues/3088 --- src/ostree/ot-admin-builtin-undeploy.c | 9 ++++++++- tests/admin-test.sh | 8 +++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/src/ostree/ot-admin-builtin-undeploy.c b/src/ostree/ot-admin-builtin-undeploy.c index ab028d4161..3c901a44d7 100644 --- a/src/ostree/ot-admin-builtin-undeploy.c +++ b/src/ostree/ot-admin-builtin-undeploy.c @@ -50,7 +50,14 @@ ot_admin_builtin_undeploy (int argc, char **argv, OstreeCommandInvocation *invoc g_autoptr (GPtrArray) current_deployments = ostree_sysroot_get_deployments (sysroot); const char *deploy_index_str = argv[1]; - int deploy_index = atoi (deploy_index_str); + guint deploy_index; + { + char *endptr = NULL; + errno = 0; + deploy_index = (guint)g_ascii_strtoull (deploy_index_str, &endptr, 10); + if (*endptr != '\0') + return glnx_throw (error, "Invalid index: %s", deploy_index_str); + } g_autoptr (OstreeDeployment) target_deployment = ot_admin_get_indexed_deployment (sysroot, deploy_index, error); diff --git a/tests/admin-test.sh b/tests/admin-test.sh index 520a875c7a..17dbc6111c 100644 --- a/tests/admin-test.sh +++ b/tests/admin-test.sh @@ -19,7 +19,7 @@ set -euo pipefail -echo "1..$((30 + ${extra_admin_tests:-0}))" +echo "1..$((31 + ${extra_admin_tests:-0}))" mkdir sysrootmin ${CMD_PREFIX} ostree admin init-fs --modern sysrootmin @@ -187,6 +187,12 @@ ${CMD_PREFIX} ostree admin status validate_bootloader echo "ok deploy with modified /etc" +if ${CMD_PREFIX} ostree admin undeploy blah 2>err.txt; then + fatal "undeploy parsed string" +fi +assert_file_has_content_literal err.txt 'error: Invalid index: blah' +echo "ok undeploy error invalid int" + # we now have 5 deployments, let's bring that back down to 1 for i in $(seq 4); do ${CMD_PREFIX} ostree admin undeploy 0