author | Julian Andres Klode <jak@debian.org> | 2015-08-12 20:44:40 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2015-08-12 20:51:08 +0200 |
commit | 809aa216c630f1cc61b0c3b9d992d4a3be14be3c (patch) | |
tree | 8e742b619907e2400897e3667fb7b1ae45af6b57 /apt-pkg | |
parent | f3f06cae53d8ed5742f47de46d9f9808cfc5ec29 (diff) |
policy: Be more strict about parsing pin files, and document prio 0
Treat invalid pin priorities and overflows as an error.
Closes: #429912
Diffstat (limited to 'apt-pkg')
-rw-r--r-- | apt-pkg/policy.cc | 13 | ||||
-rw-r--r-- | apt-pkg/tagfile.cc | 9 |
2 files changed, 18 insertions, 4 deletions
diff --git a/apt-pkg/policy.cc b/apt-pkg/policy.cc
index bf6ec0ff7..76c36b71b 100644
--- a/apt-pkg/policy.cc
+++ b/apt-pkg/policy.cc
@@ -478,11 +478,18 @@ bool ReadPinFile(pkgPolicy &Plcy,string File)
 }
 for (; Word != End && isspace(*Word) != 0; Word++);
- short int priority = Tags.FindI("Pin-Priority", 0);
+ int priority = Tags.FindI("Pin-Priority", 0);
+ if (priority < std::numeric_limits<short>::min() ||
+ priority > std::numeric_limits<short>::max() ||
+ _error->PendingError()) {
+ return _error->Error(_("%s: Value %s is outside the range of valid pin priorities (%d to %d)"),
+ File.c_str(), Tags.FindS("Pin-Priority").c_str(),
+ std::numeric_limits<short>::min(),
+ std::numeric_limits<short>::max());
+ }
 if (priority == 0) {
- _error->Warning(_("No priority (or zero) specified for pin"));
- continue;
+ return _error->Error(_("No priority (or zero) specified for pin"));
 }
 istringstream s(Name);
diff --git a/apt-pkg/tagfile.cc b/apt-pkg/tagfile.cc
index 253b1b7a3..8acecd735 100644
--- a/apt-pkg/tagfile.cc
+++ b/apt-pkg/tagfile.cc
@@ -533,9 +533,16 @@ signed int pkgTagSection::FindI(const char *Tag,signed long Default) const
 return Default;
 strncpy(S,Start,Stop-Start);
 S[Stop - Start] = 0;
-
+
+ errno = 0;
 char *End;
 signed long Result = strtol(S,&End,10);
+ if (errno == ERANGE)
+ _error->Errno("strtol", _("Cannot convert %s to integer"), S);
+ if (Result < std::numeric_limits<int>::min() || Result > std::numeric_limits<int>::max()) {
+ errno = ERANGE;
+ _error->Errno("", _("Cannot convert %s to integer"), S);
+ }
 if (S == End)
 return Default;
 return Result; |
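Review bot: In the ReadPinFile hunk (apt-pkg/policy.cc), `_error->PendingError()` inside the new range check reports any error already on the global stack, not only one queued by `FindI`. An unrelated earlier failure would therefore be reported as a Pin-Priority range problem. If errors can be pending when this line is reached, it would be more accurate to note whether one was pending before the `FindI` call and test only for a new one. The zero-priority branch now also aborts the whole file, but unlike the range error its message omits the file name, which makes the bad record hard to locate when more than one pin file is read; `return _error->Error(_("%s: No priority (or zero) specified for pin"), File.c_str());` would match the new message. Neither hunk adds `#include <limits>`, so `std::numeric_limits` presumably relies on an include outside the visible lines, and ReadPinFile itself starts and ends outside the hunk.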
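Review bot: In the pkgTagSection::FindI hunk (apt-pkg/tagfile.cc), control still falls through to `return Result;` after either range error is recorded, so a caller that does not check `_error->PendingError()` receives a `signed long` narrowed to `signed int`. Where `long` is wider than `int`, an overflowing field also satisfies both conditions and queues two errors for one value. Folding the checks into a single `if (errno == ERANGE || Result < std::numeric_limits<int>::min() || Result > std::numeric_limits<int>::max())` whose body ends in `return Default;` would address both. Separately, `S == End` only rejects input with no digits at all, so a value with trailing characters after the digits is still accepted; also requiring `*End == '\0'` would tighten that, though it changes behaviour for every FindI caller and needs checking against them. The start of FindI lies outside the hunk.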