Subj : src/sbbs3/userdat.c
To   : Git commit to main/sbbs/master
From : Rob Swindell (in GitKraken)
Date : Fri Mar 10 2023 19:59:26

https://gitlab.synchro.net/main/sbbs/-/commit/edc931be6282acafdf043532
Modified Files:
	src/sbbs3/userdat.c
Log Message:
More strict login-by-user-number support (parsing logic)Before now, if the sysop enabled login-by-user-number and the specified loginID *started* with a decimal digit, it'd be treated as a user number andconverted to a 32-bit integer. This could result in weird stuff, like thiserror I got today:SMTP ... !ERROR -2 getting data on user (7000401005.gc7gg@synchro.net)7,000,401,005 is clearly greater than the number of users in my user baseon Vert, but since 7B is > 2.1B (0x7fffffff), the number would be parsed asa *negative* integer value and thus less than the total number of users in myuserbase.An obvious solution would be to just turn of login-by-user-number, and formost systems, I suggest doing that (a system is less secure with it enabled).However, I want to leave the option for sysops (at least for now) and don'twant this weird behavior so, a login by user number now requires that theentire login ID is just decimal numbers, nothing else, and the number isparsed as an unsigned integer. So yes, roll-over can happen for very highnumbers (>4.2B), but in no instance will the number be parsed as negative andthus lead to an invalid user record look-up attempt.
--- SBBSecho 3.20-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

.