From e6604b116afef4cd603956941e299e7bcda4351a Mon Sep 17 00:00:00 2001
From: Iwona Klimaszewska <iwona.klimaszewska@intel.com>
Date: Wed, 23 Oct 2019 00:52:55 +0200
Subject: [PATCH] Fix extracting certificate id

std::strtol() expects null-terminated string. This means that passing
string_view.data() to it may cause undefined behaviour.

Let's fix it by using boost::convert instead.

Tested: Manually by sending valid requests and looking for empty
responses.

Change-Id: I319277551b5e85586783afdc8c86e4a7d8db876e
Signed-off-by: Iwona Klimaszewska <iwona.klimaszewska@intel.com>
---
 redfish-core/lib/certificate_service.hpp | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp
index 9b4f60ec62..f82363bc3a 100644
--- a/redfish-core/lib/certificate_service.hpp
+++ b/redfish-core/lib/certificate_service.hpp
@@ -17,6 +17,8 @@
 
 #include "node.hpp"
 
+#include <boost/convert.hpp>
+#include <boost/convert/strtol.hpp>
 #include <variant>
 namespace redfish
 {
@@ -104,17 +106,14 @@ long getIDFromURL(const std::string_view url)
     {
         return -1;
     }
+
     if ((found + 1) < url.length())
     {
-        char *endPtr;
         std::string_view str = url.substr(found + 1);
-        long value = std::strtol(str.data(), &endPtr, 10);
-        if (endPtr != str.end())
-        {
-            return -1;
-        }
-        return value;
+
+        return boost::convert<long>(str, boost::cnv::strtol()).value_or(-1);
     }
+
     return -1;
 }