From c986fb7d2e924baa1b27ec8e4c025ee104b07c85 Mon Sep 17 00:00:00 2001
From: steinwand6 <57711907+steinwand6@users.noreply.github.com>
Date: Thu, 21 Nov 2024 00:11:04 +0900
Subject: [PATCH] seq: add overflow checks when parsing exponents (#6858)

* seq: remove ignore flag from test_invalid_float_point_fail_properly(#6235)

* seq: prevent overflow in parse_exponent_no_decimal

* seq: add tests for invalid floating point arguments

* seq: add overflow checks when parsing decimal with exponent

* seq: add overflow checks
---
 src/uu/seq/src/numberparse.rs | 29 ++++++++++++++++++++---------
 tests/by-util/test_seq.rs     | 14 ++++++++++++--
 2 files changed, 32 insertions(+), 11 deletions(-)

diff --git a/src/uu/seq/src/numberparse.rs b/src/uu/seq/src/numberparse.rs
index 5a5c64bb9..adbaccc11 100644
--- a/src/uu/seq/src/numberparse.rs
+++ b/src/uu/seq/src/numberparse.rs
@@ -106,16 +106,20 @@ fn parse_exponent_no_decimal(s: &str, j: usize) -> Result<PreciseNumber, ParseNu
 
     let num_integral_digits = if is_minus_zero_float(s, &x) {
         if exponent > 0 {
-            2usize + exponent as usize
+            (2usize)
+                .checked_add(exponent as usize)
+                .ok_or(ParseNumberError::Float)?
         } else {
             2usize
         }
     } else {
-        let total = j as i64 + exponent;
+        let total = (j as i64)
+            .checked_add(exponent)
+            .ok_or(ParseNumberError::Float)?;
         let result = if total < 1 {
             1
         } else {
-            total.try_into().unwrap()
+            total.try_into().map_err(|_| ParseNumberError::Float)?
         };
         if x.sign() == Sign::Minus {
             result + 1
@@ -207,7 +211,9 @@ fn parse_decimal_and_exponent(
             let integral_part: f64 = s[..j].parse().map_err(|_| ParseNumberError::Float)?;
             if integral_part.is_sign_negative() {
                 if exponent > 0 {
-                    2usize + exponent as usize
+                    2usize
+                        .checked_add(exponent as usize)
+                        .ok_or(ParseNumberError::Float)?
                 } else {
                     2usize
                 }
@@ -217,15 +223,20 @@ fn parse_decimal_and_exponent(
         };
         // Special case: if the string is "-.1e2", we need to treat it
         // as if it were "-0.1e2".
-        let total = if s.starts_with("-.") {
-            i as i64 + exponent + 1
-        } else {
-            i as i64 + exponent
+        let total = {
+            let total = (i as i64)
+                .checked_add(exponent)
+                .ok_or(ParseNumberError::Float)?;
+            if s.starts_with("-.") {
+                total.checked_add(1).ok_or(ParseNumberError::Float)?
+            } else {
+                total
+            }
         };
         if total < minimum as i64 {
             minimum
         } else {
-            total.try_into().unwrap()
+            total.try_into().map_err(|_| ParseNumberError::Float)?
         }
     };
 
diff --git a/tests/by-util/test_seq.rs b/tests/by-util/test_seq.rs
index a8bd1fb83..c14d30629 100644
--- a/tests/by-util/test_seq.rs
+++ b/tests/by-util/test_seq.rs
@@ -777,12 +777,22 @@ fn test_undefined() {
 }
 
 #[test]
-#[ignore = "Need issue #6235 to be fixed"]
 fn test_invalid_float_point_fail_properly() {
     new_ucmd!()
         .args(&["66000e000000000000000000000000000000000000000000000000000009223372036854775807"])
         .fails()
-        .stdout_only(""); // might need to be updated
+        .no_stdout()
+        .usage_error("invalid floating point argument: '66000e000000000000000000000000000000000000000000000000000009223372036854775807'");
+    new_ucmd!()
+        .args(&["-1.1e9223372036854775807"])
+        .fails()
+        .no_stdout()
+        .usage_error("invalid floating point argument: '-1.1e9223372036854775807'");
+    new_ucmd!()
+        .args(&["-.1e9223372036854775807"])
+        .fails()
+        .no_stdout()
+        .usage_error("invalid floating point argument: '-.1e9223372036854775807'");
 }
 
 #[test]