From 7c5306a84182f2dd5c3adce75980e31b4476b4c0 Mon Sep 17 00:00:00 2001
From: Max Kellermann <max@musicpd.org>
Date: Tue, 2 Jan 2018 17:23:10 +0100
Subject: [PATCH] config/{Block,Global}: add missing strtoul() check

---
 src/config/Block.cxx        | 10 ++++++----
 src/config/ConfigGlobal.cxx | 10 ++++++----
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/config/Block.cxx b/src/config/Block.cxx
index 723e5f6f0..e0f9f0263 100644
--- a/src/config/Block.cxx
+++ b/src/config/Block.cxx
@@ -31,9 +31,10 @@
 int
 BlockParam::GetIntValue() const
 {
+	const char *const s = value.c_str();
 	char *endptr;
-	long value2 = strtol(value.c_str(), &endptr, 0);
-	if (*endptr != 0)
+	long value2 = strtol(s, &endptr, 0);
+	if (endptr == s || *endptr != 0)
 		FormatFatalError("Not a valid number in line %i", line);
 
 	return value2;
@@ -42,9 +43,10 @@ BlockParam::GetIntValue() const
 unsigned
 BlockParam::GetUnsignedValue() const
 {
+	const char *const s = value.c_str();
 	char *endptr;
-	unsigned long value2 = strtoul(value.c_str(), &endptr, 0);
-	if (*endptr != 0)
+	unsigned long value2 = strtoul(s, &endptr, 0);
+	if (endptr == s || *endptr != 0)
 		FormatFatalError("Not a valid number in line %i", line);
 
 	return (unsigned)value2;
diff --git a/src/config/ConfigGlobal.cxx b/src/config/ConfigGlobal.cxx
index 8425a2e6e..b1d631a3e 100644
--- a/src/config/ConfigGlobal.cxx
+++ b/src/config/ConfigGlobal.cxx
@@ -140,8 +140,9 @@ config_get_unsigned(ConfigOption option, unsigned default_value)
 	if (param == nullptr)
 		return default_value;
 
-	value = strtol(param->value.c_str(), &endptr, 0);
-	if (*endptr != 0 || value < 0)
+	const char *const s = param->value.c_str();
+	value = strtol(s, &endptr, 0);
+	if (endptr == s || *endptr != 0 || value < 0)
 		FormatFatalError("Not a valid non-negative number in line %i",
 				 param->line);
 
@@ -158,8 +159,9 @@ config_get_positive(ConfigOption option, unsigned default_value)
 	if (param == nullptr)
 		return default_value;
 
-	value = strtol(param->value.c_str(), &endptr, 0);
-	if (*endptr != 0)
+	const char *const s = param->value.c_str();
+	value = strtol(s, &endptr, 0);
+	if (endptr == s || *endptr != 0)
 		FormatFatalError("Not a valid number in line %i", param->line);
 
 	if (value <= 0)