Integer Overflow in ex17.c

Hi there,

After compiling the example ex17.c, you are able to provide it with command line args such as

./ex17 db.dat l

If you enter a valid number (1-99) it returns results as expected. If you enter 100, it informs you there aren’t that many records (as expected). If you provide a sufficiently large number (100000000000000000000000000000000000000) the integer overflows, and the program will still return a list of the records.

How do we prevent this? We already check MAX_ROWS, but that isn’t preventing this vulnerability.

I’m having to break the crust off my brain here, but I believe you can restrict the input of an int easiest with fscanf. Do it on stdin, with a format that has a limited number of digits and writes to a long int or unsigned long int.
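Added example, not part of the thread or of ex17.c: one way to reject the oversized number before it ever reaches the MAX_ROWS comparison is to convert it with strtol, which reports out-of-range input through errno (a different technique from the width-limited fscanf suggested above). The helper name parse_row_id, MAX_ROWS being 100, and ids starting at 0 are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ROWS 100 /* assumption: matches ex17.c, where 100 is rejected */

/* Hypothetical helper: parse a row id from a command-line string.
 * Returns 0 and stores the id on success, -1 on any invalid input. */
int parse_row_id(const char *text, int *id_out)
{
    char *end = NULL;
    long value;

    if (text == NULL || *text == '\0')
        return -1;

    errno = 0;
    value = strtol(text, &end, 10);

    if (errno == ERANGE)              /* number does not fit in a long */
        return -1;
    if (end == text || *end != '\0')  /* no digits, or trailing junk */
        return -1;
    if (value < 0 || value >= MAX_ROWS) /* range check done on the long */
        return -1;

    *id_out = (int)value;             /* safe: 0 <= value < MAX_ROWS */
    return 0;
}

int main(int argc, char *argv[])
{
    int id;

    if (argc < 2) {
        fprintf(stderr, "usage: %s <id>\n", argv[0]);
        return 2;
    }
    if (parse_row_id(argv[1], &id) != 0) {
        fprintf(stderr, "invalid record id: %s\n", argv[1]);
        return 1;
    }
    printf("record id = %d\n", id);
    return 0;
}
```

The range check runs on the long returned by strtol, before any narrowing to int, so a value that would wrap when stored in an int never gets compared against MAX_ROWS in its wrapped form.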