From 47c05f9ff40ce5180e8b9d689ac4346d1d4bd0bc Mon Sep 17 00:00:00 2001
From: Wolfgang Corcoran-Mathe
Date: Tue, 23 Jun 2015 13:42:41 -0400
Subject: [PATCH] join: Stricter parsing of -o list
This fixes naive parsing that would happily read a giant string of numbers into fileno provided the first character was correct.
---
 join.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)
diff --git a/join.c b/join.c
index a013946..1f2fb8c 100644
--- a/join.c
+++ b/join.c
@@ -335,19 +335,14 @@ makespec(char *s)
 int fileno;
 size_t fldno;
- switch (s[0]) {
- case '0': /* join field */
+ if (!strcmp(s, "0")) { /* join field must be 0 and nothing else */
 fileno = 0;
 fldno = 0;
- break;
- case '1': case '2':
- if (sscanf(s, "%d.%zu", &fileno, &fldno) != 2)
- eprintf("\"%s\": invalid format\n", s);
- fldno--; /* ugly */
- break;
- default:
- eprintf("%c: invalid file number (must be 0, 1 or 2)\n", s[0]);
- break;
+ } else if ((s[0] == '1' || s[0] == '2') && s[1] == '.') {
+ fileno = s[0] - '0';
+ fldno = estrtonum(&s[2], 1, MIN(LLONG_MAX, SIZE_MAX)) - 1;
+ } else {
+ eprintf("%s: invalid format\n", s);
 }
 sp = ereallocarray(NULL, INIT, sizeof(struct spec));
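Review bot: The upper bound on the new `fldno = estrtonum(...)` line, `MIN(LLONG_MAX, SIZE_MAX)`, compares a signed `long long` limit with an unsigned `size_t` limit, and nothing says why both are needed. A short comment would help, for example `/* estrtonum works in long long, fldno is size_t: clamp to the smaller range */`, assuming that is the intent. The bound only keeps the parsed value representable, so whatever later uses `fldno` as a field index still has to compare it with the number of fields actually present in the line; that code is outside this hunk. The final `else` also leaves `fileno` and `fldno` unset unless `eprintf` never returns, which the hunk does not show. makespec's body begins before the hunk and continues after it.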