commit b2b738a
uint
·
2026-01-28 23:23:12 +0000 UTC
parent b4369fb
harden parse_hex64 function make sure only hex chars are being used enforce exact legths NULL checks
1 files changed,
+11,
-5
+11,
-5
1@@ -185,16 +185,22 @@ static const char* mime_from_path(const char* path)
2
3 static int parse_hex64(const char* s, uint64_t* out)
4 {
5- char* end = NULL;
6+ if (!s || !out)
7+ return -1;
8
9- if (!s || *s == '\0')
10+ if (strlen(s) != 16)
11 return -1;
12
13+ for (size_t i = 0; i < 16; i++) {
14+ unsigned char c = (unsigned char)s[i];
15+ if (!((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F')))
16+ return -1;
17+ }
18+
19+ char* end = NULL;
20 errno = 0;
21 unsigned long long v = strtoull(s, &end, 16);
22- if (errno != 0)
23- return -1;
24- if (!end || *end != '\0')
25+ if (errno != 0 || !end || *end != '\0')
26 return -1;
27
28 *out = (uint64_t)v;