[CWEB] Max out the section depth in CWEAVE/CTWILL.

CWEAVE didn't check for malicious user input like @*1234567890123456, which certainly would over-/underflow INT_MAX. :o) git-svn-id: svn://tug.org/texlive/trunk/Build/source@67831 c570f23f-e606-0410-a88d-b1316a301751
TeX-Live · Aug 7, 2023 · 9996413 · 9996413
1 parent 02e0d61
commit 9996413
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/texk/web2c/cwebdir/cweave.w b/texk/web2c/cwebdir/cweave.w
@@ -110,6 +110,11 @@ file |"common.h"|, which is also included in |"common.w"| to propagate
 possible changes from this \.{COMMON} interface consistently.
 
 @i common.h
+\.{CWEAVE} will use the |INT_MAX| limit in section
+|@<Output the code for the beginning...@>| below.
+
+@<Incl...@>=
+#include <limits.h>
 
 @* Data structures exclusive to {\tt CWEAVE}.
 As explained in \.{common.w}, the field of a |name_info| structure
@@ -4237,7 +4242,7 @@ else {
   }
   else {
     for (sec_depth=0; xisdigit(*loc);loc++)
-      sec_depth = sec_depth*10 + (*loc) -'0';
+      if (sec_depth < INT_MAX / 10) sec_depth = sec_depth*10 + (*loc) -'0';
   }
   while (*loc == ' ') loc++; /* remove spaces before group title */
   group_found=true;

diff --git a/texk/web2c/cwebdir/system.bux b/texk/web2c/cwebdir/system.bux
@@ -51,6 +51,8 @@
 @$gettext "<libintl.h>" \zip@>
 @$textdomain "<libintl.h>" \zip@>
 
+@$INT_MAX "<limits.h>" \zip@>
+
 @$bindtextdomain "<locale.h>" \zip@>
 @$setlocale "<locale.h>" \zip@>
 @$LC_CTYPE "<locale.h>" \zip@>