...
```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

int main(void) {
  char buff[25];
  char *end_ptr;
  long sl;

  if (fgets(buff, sizeof(buff), stdin) == NULL) {
    if (puts("EOF or read error\n") == EOF) {
      /* Handle error */
    }
  } else {
    errno = 0; /* strtol() sets errno only on failure, so clear it first */

    sl = strtol(buff, &end_ptr, 10);

    if (ERANGE == errno) {
      /* Value does not fit in a long */
      if (puts("number out of range\n") == EOF) {
        /* Handle error */
      }
    } else if (end_ptr == buff) {
      /* No characters were consumed, so there were no digits to convert */
      if (puts("not valid numeric input\n") == EOF) {
        /* Handle error */
      }
    } else if ('\n' != *end_ptr && '\0' != *end_ptr) {
      /* Conversion stopped before the end of the line */
      if (puts("extra characters on input line\n") == EOF) {
        /* Handle error */
      }
    }
  }
  return 0;
}
```
Note that this solution treats any trailing characters, including white-space characters, as an error condition.
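The same checks packaged as a function, as an added example that is not part of the original page. The `parse_status` enum, the `parse_long` name and the `allow_trailing_ws` flag are hypothetical; the flag shows the alternative to the strict behavior noted above by accepting trailing white space while still rejecting other trailing characters.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical status codes for this example (not from the page). */
enum parse_status { PARSE_OK, PARSE_RANGE, PARSE_NOT_NUMERIC, PARSE_TRAILING };

/*
 * Convert one input line to long using the checks from the solution above.
 * allow_trailing_ws == 0: only '\n' or '\0' may follow the number (strict).
 * allow_trailing_ws != 0: any white space may follow, nothing else.
 * *out is written only when PARSE_OK is returned.
 */
enum parse_status parse_long(const char *line, int allow_trailing_ws, long *out) {
  char *end_ptr;
  long sl;

  errno = 0;
  sl = strtol(line, &end_ptr, 10);
  if (ERANGE == errno) {
    return PARSE_RANGE;
  }
  if (end_ptr == line) {
    return PARSE_NOT_NUMERIC;
  }
  if (allow_trailing_ws) {
    while (isspace((unsigned char)*end_ptr)) {
      ++end_ptr;
    }
    if ('\0' != *end_ptr) {
      return PARSE_TRAILING;
    }
  } else if ('\n' != *end_ptr && '\0' != *end_ptr) {
    return PARSE_TRAILING;
  }
  *out = sl;
  return PARSE_OK;
}

int main(void) {
  /* Constructed sample lines, shaped like what fgets() would return. */
  const char *samples[] = { "123\n", "123 \n", "12abc\n", "abc\n" };
  for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); ++i) {
    long v = 0;
    enum parse_status st = parse_long(samples[i], 1, &v);
    printf("status=%d value=%ld\n", (int)st, PARSE_OK == st ? v : 0L);
  }
  return 0;
}
```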
...
While it is relatively rare for a violation of this recommendation to result in a security vulnerability, it can easily result in lost or misinterpreted data.
...