really carefully check strtoll() return value before casting to uint64_t

author: Christian Grothoff <christian@grothoff.org> 2017-10-06 22:04:51 +0200
committer: Christian Grothoff <christian@grothoff.org> 2017-10-06 22:04:51 +0200
commit: d86a6615cc60ba9e9d1a70146d761160564f404a (patch)
tree: 89dc16c48ce5b3c189349fe2aa5511daf0134c09 /src
parent: 332a37292c1db7261ebc6bb6fbb9ceacd7cc3220 (diff)
download: exchange-d86a6615cc60ba9e9d1a70146d761160564f404a.tar.gz
exchange-d86a6615cc60ba9e9d1a70146d761160564f404a.tar.bz2
exchange-d86a6615cc60ba9e9d1a70146d761160564f404a.zip
2 files changed, 9 insertions, 4 deletions
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c
index bf8bd97b5..f9f03b0f7 100644
--- a/src/auditor/taler-auditor.c
+++ b/src/auditor/taler-auditor.c
@@ -1941,6 +1941,7 @@ wire_transfer_information_cb (void *cls,
     return;
   }
 
+  GNUNET_assert (NULL != dki); /* mostly to help static analysis */
   /* Check transaction history to see if it supports aggregate
      valuation */
   check_transaction_history (coin_pub,
diff --git a/src/exchange-tools/taler-exchange-keyup.c b/src/exchange-tools/taler-exchange-keyup.c
index facb832d6..ccaca14f8 100644
--- a/src/exchange-tools/taler-exchange-keyup.c
+++ b/src/exchange-tools/taler-exchange-keyup.c
@@ -363,18 +363,22 @@ get_anchor_iter (void *cls,
   struct GNUNET_TIME_Absolute stamp;
   const char *base;
   char *end = NULL;
+  long long int bval;
 
   base = GNUNET_STRINGS_get_short_name (filename);
-  stamp.abs_value_us = strtoll (base,
-                                &end,
-                                10);
-  if ((NULL == end) || (0 != *end))
+  bval = strtoll (base,
+                  &end,
+                  10);
+  if ( (NULL == end) ||
+       (0 != *end) ||
+       (0 > bval) )
   {
     fprintf(stderr,
             "Ignoring unexpected file `%s'.\n",
             filename);
     return GNUNET_OK;
   }
+  stamp.abs_value_us = (uint64_t) bval;
   *anchor = GNUNET_TIME_absolute_max (stamp,
                                       *anchor);
   return GNUNET_OK;
author	Christian Grothoff <christian@grothoff.org>	2017-10-06 22:04:51 +0200
committer	Christian Grothoff <christian@grothoff.org>	2017-10-06 22:04:51 +0200
commit	d86a6615cc60ba9e9d1a70146d761160564f404a (patch)
tree	89dc16c48ce5b3c189349fe2aa5511daf0134c09 /src
parent	332a37292c1db7261ebc6bb6fbb9ceacd7cc3220 (diff)
download	exchange-d86a6615cc60ba9e9d1a70146d761160564f404a.tar.gz exchange-d86a6615cc60ba9e9d1a70146d761160564f404a.tar.bz2 exchange-d86a6615cc60ba9e9d1a70146d761160564f404a.zip