Verify the argument to -k is a non-negative integer. Leading zeros are simply tripped. 'declare -i keep' allowed the argument to -k to be any arithmetic evaluation expression. The simple assignment 'keep=$OPTARG' triggers arithmetic evaluation implicitly, which can either consume a huge amount of resources with input such as '2**2**32' or immediately produce an error on invalid input. Instead, we simply 'declare -- keep' and avoid all that. Signed-off-by: lolilolicon <lolilolicon@gmail.com> --- contrib/paccache.in | 8 +++++--- 1 files changed, 5 insertions(+), 3 deletions(-) diff --git a/contrib/paccache.in b/contrib/paccache.in index 11b7bbb..7c35cf2 100755 --- a/contrib/paccache.in +++ b/contrib/paccache.in @@ -21,8 +21,8 @@ shopt -s extglob declare -a candidates=() cmdopts=() whitelist=() blacklist=() -declare -i delete=0 dryrun=0 filecount=0 keep=3 move=0 totalsaved=0 -declare cachedir=@localstatedir@/cache/pacman/pkg delim=$'\n' movedir= scanarch= +declare -i delete=0 dryrun=0 filecount=0 move=0 totalsaved=0 +declare cachedir=@localstatedir@/cache/pacman/pkg delim=$'\n' keep=3 movedir= scanarch= msg() { local mesg=$1; shift @@ -220,8 +220,10 @@ while getopts ':a:c:dfhi:k:m:rsuvz' opt; do blacklist+=("${ign[@]}") unset i ign ;; k) keep=$OPTARG - if [[ $keep != $OPTARG ]] || (( keep < 0 )); then + if [[ -z $keep || -n ${keep//[0-9]/} ]]; then die 'argument to option -k must be a non-negative integer' + else + keep=$(( 10#$keep )) fi ;; m) move=1 movedir=$OPTARG ;; r) delete=1 ;; -- 1.7.6.4