From 110b55214b005b8667eb5612981cf62ccd4f5127 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@codeconstruct.com.au>
Date: Tue, 12 Oct 2021 23:31:09 +0800
Subject: [PATCH] Partial strings from strtoul should return error

---
 dbutil.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/dbutil.c b/dbutil.c
index 53256a2..f278efa 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -583,8 +583,15 @@ void disallow_core() {
 /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE, with the result in *val */
 int m_str_to_uint(const char* str, unsigned int *val) {
 	unsigned long l;
-	errno = 0;
-	l = strtoul(str, NULL, 10);
+	char *endp;
+
+	l = strtoul(str, &endp, 10);
+
+	if (endp == str || *endp != '\0') {
+		// parse error
+		return DROPBEAR_FAILURE;
+	}
+
 	/* The c99 spec doesn't actually seem to define EINVAL, but most platforms
 	 * I've looked at mention it in their manpage */
 	if ((l == 0 && errno == EINVAL)