Just did an apt-get source glibc, and in the diff, I found the following code snippet, in glibc-2.7/debian/patches/any/local-bindresvport_blacklist.diff , in sunrpc/bindrsvprt.c , which seems to be meant to parse one line:
It seems to:
1. Remove comments
2. Remove _leading_ spaces
3. Ignore empty lines
4. Remove final newline
5. Parse the number
6. ... but then _check_ whether the line finishes right after the number, by comparing the tmp pointer "returned" by strtoul with '\0'.
The point 6 has to go. Or if we want to keep some sanity checking, maybe there should be a "while (isspace ((int)*tmp)) ++tmp; /* remove spaces and tabs */" line between the strtoul and the check for *tmp != '\0'
Just did an apt-get source glibc, and in the diff, I found the following code snippet, in glibc-2. 7/debian/ patches/ any/local- bindresvport_ blacklist. diff , in sunrpc/bindrsvprt.c , which seems to be meant to parse one line:
++ tmp = strchr (cp, '#'); /* remove comments */
++ if (tmp)
++ *tmp = '\0';
++ while (isspace ((int)*cp)) /* remove spaces and tabs */
++ ++cp;
++ if (*cp == '\0') /* ignore empty lines */
++ continue;
++ if (cp[strlen (cp) - 1] == '\n')
++ cp[strlen (cp) - 1] = '\0';
++
++ port = strtoul (cp, &tmp, 0);
++ if (*tmp != '\0' || (port == ULONG_MAX && errno == ERANGE))
++ continue;
It seems to:
1. Remove comments
2. Remove _leading_ spaces
3. Ignore empty lines
4. Remove final newline
5. Parse the number
6. ... but then _check_ whether the line finishes right after the number, by comparing the tmp pointer "returned" by strtoul with '\0'.
The point 6 has to go. Or if we want to keep some sanity checking, maybe there should be a "while (isspace ((int)*tmp)) ++tmp; /* remove spaces and tabs */" line between the strtoul and the check for *tmp != '\0'