http.c: Improve error detection for strotull(3)

set_length relies on user input to determine Content-Length, so it should be considered unreliable.
2023-03-04 02:34:55 +01:00 · 2023-03-04 02:34:55 +01:00 · 0e8e6c3742
parent 67ffb772b7
commit 0e8e6c3742
1 changed files with 12 additions and 1 deletions
--- a/http.c
+++ b/http.c
@ -562,7 +562,18 @@ failure:

 static int set_length(struct http_ctx *const h, const char *const len)
 {
-    h->ctx.post.len = strtoull(len, NULL, 10);
+    char *end;
+
+    errno = 0;
+    h->ctx.post.len = strtoull(len, &end, 10);
+
+    if (errno || *end != '\0')
+    {
+        fprintf(stderr, "%s: invalid length %s: %s\n",
+            __func__, len, strerror(errno));
+        return 1;
+    }
+
    return 0;
 }