StringToBool: only act if the entire string is consumed by strtol()

StringToBool uses strtol() internally to check if the argument is a number. This function stops when it does not find any more numbers. So a string like "0ad" (which is a valid packagename) is interpreted as a "0". The code now checks that the entire string is consumed not just a part of it. Thanks to Johannes Schauer for raising this issue.
author: Michael Vogt <mvo@ubuntu.com> 2014-07-16 13:57:50 +0200
committer: Michael Vogt <mvo@ubuntu.com> 2014-07-16 14:14:40 +0200
commit: 08be0ca32ad69e9ebf28fe26aa85990700c81cf6 (patch)
tree: f4cf9d468b1350005126c4f0e77e8d1d0f903b28 /apt-pkg
parent: 67c160fb95359506bca3e2899ea4851abdb157c4 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc
index ce69c7a02..922229e90 100644
--- a/apt-pkg/contrib/strutl.cc
+++ b/apt-pkg/contrib/strutl.cc
@@ -704,9 +704,12 @@ string LookupTag(const string &Message,const char *Tag,const char *Default)
    then returns the result. Several varients on true/false are checked. */
 int StringToBool(const string &Text,int Default)
 {
-   char *End;
-   int Res = strtol(Text.c_str(),&End,0);   
-   if (End != Text.c_str() && Res >= 0 && Res <= 1)
+   char *ParseEnd;
+   int Res = strtol(Text.c_str(),&ParseEnd,0);
+   // ensure that the entire string was converted by strtol to avoid
+   // failures on "apt-cache show -a 0ad" where the "0" is converted
+   const char *TextEnd = Text.c_str()+Text.size();
+   if (ParseEnd == TextEnd && Res >= 0 && Res <= 1)
       return Res;
    
    // Check for positives
author	Michael Vogt <mvo@ubuntu.com>	2014-07-16 13:57:50 +0200
committer	Michael Vogt <mvo@ubuntu.com>	2014-07-16 14:14:40 +0200
commit	08be0ca32ad69e9ebf28fe26aa85990700c81cf6 (patch)
tree	f4cf9d468b1350005126c4f0e77e8d1d0f903b28 /apt-pkg
parent	67c160fb95359506bca3e2899ea4851abdb157c4 (diff)