From: Fabian Keil <fk@fabiankeil.de>
Date: Fri, 8 Jul 2011 13:29:22 +0000 (+0000)
Subject: Also let parse_toggle_state() reject values like '1[insert garbage here]'
X-Git-Tag: v_3_0_18~177
X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=commitdiff_plain;h=ccc52bf68a5942d1bef966d3e83faabea2af0440

Also let parse_toggle_state() reject values like '1[insert garbage here]'
---

diff --git a/loadcfg.c b/loadcfg.c
index 6f39e179..2369cc7f 100644
--- a/loadcfg.c
+++ b/loadcfg.c
@@ -1,4 +1,4 @@
-const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.113 2011/07/08 13:27:31 fabiankeil Exp $";
+const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.114 2011/07/08 13:29:06 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/loadcfg.c,v $
@@ -297,6 +297,7 @@ static int parse_toggle_state(const char *name, const char *value)
 {
    int toggle_state;
    assert(name != NULL);
+   assert(value != NULL);
 
    if ((value == NULL) || (*value == '\0'))
    {
@@ -305,7 +306,11 @@ static int parse_toggle_state(const char *name, const char *value)
 
    toggle_state = atoi(value);
 
-   if ((toggle_state != 0) && (toggle_state != 1))
+   /*
+    * Also check the length as atoi() doesn't mind
+    * garbage after a valid integer, but we do.
+    */
+   if (((toggle_state != 0) && (toggle_state != 1)) || (strlen(value) != 1))
    {
       log_error(LOG_LEVEL_FATAL,
          "Directive %s used with invalid argument '%s'. Use either '0' or '1'.",