From fd0c285b12f4235ba62e13489a6a09e487825cf6 Mon Sep 17 00:00:00 2001 From: Alexey Edelev Date: Tue, 4 Jan 2022 18:38:32 +0100 Subject: file: Fix types of the OFFSET and LIMIT arguments OFFSET argument cannot handle offsets bigger than INT_MAX because of the atoi function, which is used to convert the argument string to integer. Same applies for the LIMIT argument. Use the steam based reading and 64-bit types to convert and store arguments to avoid invalid values stored in the corresponding variables. Fixes: #23076 --- Source/cmFileCommand.cxx | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/Source/cmFileCommand.cxx b/Source/cmFileCommand.cxx index d9fb608..da2f15f 100644 --- a/Source/cmFileCommand.cxx +++ b/Source/cmFileCommand.cxx @@ -199,14 +199,13 @@ bool HandleReadCommand(std::vector const& args, // is there a limit? std::string::size_type sizeLimit = std::string::npos; if (!arguments.Limit.empty()) { - sizeLimit = - static_cast(atoi(arguments.Limit.c_str())); + std::istringstream(arguments.Limit) >> sizeLimit; } // is there an offset? - long offset = 0; + cmsys::ifstream::off_type offset = 0; if (!arguments.Offset.empty()) { - offset = atoi(arguments.Offset.c_str()); + std::istringstream(arguments.Offset) >> offset; } file.seekg(offset, std::ios::beg); // explicit ios::beg for IBM VisualAge 6 @@ -216,25 +215,21 @@ bool HandleReadCommand(std::vector const& args, if (arguments.Hex) { // Convert part of the file into hex code char c; - while ((sizeLimit != 0) && (file.get(c))) { + while ((sizeLimit > 0) && (file.get(c))) { char hex[4]; snprintf(hex, sizeof(hex), "%.2x", c & 0xff); output += hex; - if (sizeLimit > 0) { - sizeLimit--; - } + sizeLimit--; } } else { std::string line; bool has_newline = false; while ( - sizeLimit != 0 && + sizeLimit > 0 && cmSystemTools::GetLineFromStream(file, line, &has_newline, sizeLimit)) { - if (sizeLimit > 0) { - sizeLimit = sizeLimit - static_cast(line.size()); - if (has_newline && sizeLimit > 0) { - sizeLimit--; - } + sizeLimit = sizeLimit - line.size(); + if (has_newline && sizeLimit > 0) { + sizeLimit--; } output += line; if (has_newline) { -- cgit v0.12