Make strtol() parsing even stricter in parseoffset()

Be strict about what we pass to it and how we handle errors.
The base-check is done by strtol anyway.
Also improve error-reporting.

libutil/parseoffset.c

@@ -1,5 +1,6 @@
 /* See LICENSE file for copyright and license details. */
 #include <ctype.h>
+#include <errno.h>
 #include <inttypes.h>
 #include <stdlib.h>
 #include <string.h>
@@ -9,25 +10,21 @@
 off_t
 parseoffset(const char *str)
 {
-	off_t res;
+	off_t res, scale = 1;
-	size_t scale = 1;
-	int base = 10;
 	char *end;
 
-	if (!str || !*str) {
+	/* strictly check what strtol() usually would let pass */
-		weprintf("parseoffset: empty string\n");
+	if (!str || !*str || isspace(*str) || *str == '+' || *str == '-') {
+		weprintf("parseoffset %s: invalid value\n", str);
 		return -1;
 	}
 
-	/* bases */
+	errno = 0;
-	if (!strncasecmp(str, "0x", strlen("0x"))) {
+	res = strtol(str, &end, 0);
-		base = 16;
+	if (errno) {
-	} else if (*str == '0') {
+		weprintf("parseoffset %s: invalid value\n", str);
-		str++;
+		return -1;
-		base = 8;
 	}
-
-	res = strtol(str, &end, base);
 	if (res < 0) {
 		weprintf("parseoffset %s: negative value\n", str);
 		return -1;
@@ -49,7 +46,7 @@ parseoffset(const char *str)
 			scale = 1024L * 1024L * 1024L;
 			break;
 		default:
-			weprintf("parseoffset %s: invalid suffix\n", str);
+			weprintf("parseoffset %s: invalid suffix '%s'\n", str, end);
 			return -1;
 		}
 	}