Fix of ancient WinBoard bug: check value of int options

Only strings of digits are accepted now.

diff --git a/winboard/winboard.c b/winboard/winboard.c
index 1e65185..a7705c4 100644 (file)
--- a/winboard/winboard.c
+++ b/winboard/winboard.c
@@ -1462,6 +1462,15 @@ ExitArgError(char *msg, char *badArg)
   exit(2);\r
 }\r
 \r
+int\r
+ValidateInt(char *s)\r
+{\r
+  char *p = s;\r
+  if(*p == '-' || *p == '+') p++;\r
+  while(*p) if(!isdigit(*p++)) ExitArgError("Bad integer value", s);\r
+  return atoi(s);\r
+}\r
+\r
 /* Command line font name parser.  NULL name means do nothing.\r
    Syntax like "Courier New:10.0 bi" or "Arial:10" or "Arial:10b"\r
    For backward compatibility, syntax without the colon is also\r
@@ -1773,19 +1782,19 @@ ParseArgs(GetFunc get, void *cl)
 \r
     switch (ad->argType) {\r
     case ArgInt:\r
-      *(int *) ad->argLoc = atoi(argValue);\r
+      *(int *) ad->argLoc = ValidateInt(argValue);\r
       break;\r
 \r
     case ArgX:\r
-      *(int *) ad->argLoc = atoi(argValue) + boardX; // [HGM] placement: translate stored relative to absolute \r
+      *(int *) ad->argLoc = ValidateInt(argValue) + boardX; // [HGM] placement: translate stored relative to absolute \r
       break;\r
 \r
     case ArgY:\r
-      *(int *) ad->argLoc = atoi(argValue) + boardY; // (this is really kludgey, it should be done where used...)\r
+      *(int *) ad->argLoc = ValidateInt(argValue) + boardY; // (this is really kludgey, it should be done where used...)\r
       break;\r
 \r
     case ArgZ:\r
-      *(int *) ad->argLoc = atoi(argValue);\r
+      *(int *) ad->argLoc = ValidateInt(argValue);\r
       EnsureOnScreen(&boardX, &boardY, minX, minY); \r
       break;\r
 \r