From 809aa216c630f1cc61b0c3b9d992d4a3be14be3c Mon Sep 17 00:00:00 2001
From: Julian Andres Klode
Date: Wed, 12 Aug 2015 20:44:40 +0200
Subject: policy: Be more strict about parsing pin files, and document prio 0
Treat invalid pin priorities and overflows as an error.
Closes: #429912
---
 apt-pkg/tagfile.cc | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
(limited to 'apt-pkg/tagfile.cc')
diff --git a/apt-pkg/tagfile.cc b/apt-pkg/tagfile.cc
index 253b1b7a3..8acecd735 100644
--- a/apt-pkg/tagfile.cc
+++ b/apt-pkg/tagfile.cc
@@ -533,9 +533,16 @@ signed int pkgTagSection::FindI(const char *Tag,signed long Default) const
 return Default;
 strncpy(S,Start,Stop-Start);
 S[Stop - Start] = 0;
-
+
+ errno = 0;
 char *End;
 signed long Result = strtol(S,&End,10);
+ if (errno == ERANGE)
+ _error->Errno("strtol", _("Cannot convert %s to integer"), S);
+ if (Result < std::numeric_limits::min() || Result > std::numeric_limits::max()) {
+ errno = ERANGE;
+ _error->Errno("", _("Cannot convert %s to integer"), S);
+ }
 if (S == End)
 return Default;
 return Result;
-- cgit v1.2.3
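Review bot: Both new error branches in `pkgTagSection::FindI` only queue a message and then fall through to `return Result;`, so an out-of-range `signed long` is still narrowed to the `signed int` return type and handed back. For a pin priority that means policy can be computed from a truncated value unless every caller (outside this hunk) checks for a pending error. Ending each branch with `return Default;` would stop the bad value at the source, assuming callers treat `Default` as "not set". Where `long` is wider than `int`, a `strtol` overflow also satisfies the second test and is reported twice, which `else if (Result < ...)` would avoid. Trailing characters are still accepted because only `S == End` is tested; if the stricter parsing is meant to cover them, `if (S == End || *End != '\0')` would. FindI's body starts before the hunk.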