0121-w: Clamp maxcmd to the MIN/MAX_CMD_WIDTH range.

The current checks allow out-of-range values (for example, if
getenv/atoi returns ~-2GB, maxcmd becomes ~+2GB after the subtraction).
This is not a security problem, none of this is under an attacker's
control.

diff --git a/w.c b/w.c
index 1516667e9400f49acd4fb92f92c58ee00099de8a..73bc3b97d5effacda88606c30f68d39e03f723b8 100644 (file)
--- a/w.c
+++ b/w.c
@@ -626,11 +626,14 @@ int main(int argc, char **argv)
                maxcmd = atoi(p);
        else
                maxcmd = MAX_CMD_WIDTH;
-       if (MAX_CMD_WIDTH < maxcmd)
-               maxcmd = MAX_CMD_WIDTH;
+#define CLAMP_CMD_WIDTH(cw) do { \
+       if ((cw) < MIN_CMD_WIDTH) (cw) = MIN_CMD_WIDTH; \
+       if ((cw) > MAX_CMD_WIDTH) (cw) = MAX_CMD_WIDTH; \
+} while (0)
+       CLAMP_CMD_WIDTH(maxcmd);
        maxcmd -= 21 + userlen + (from ? fromlen : 0) + (longform ? 20 : 0);
-       if (maxcmd < MIN_CMD_WIDTH)
-        maxcmd = MIN_CMD_WIDTH;
+       CLAMP_CMD_WIDTH(maxcmd);
+#undef CLAMP_CMD_WIDTH
 
 
        if (header) {