From 2fc258a9d68531ad81ff8d7b9edfe9bc70438f8a Mon Sep 17 00:00:00 2001
From: Rose <83477269+AtariDreams@users.noreply.github.com>
Date: Tue, 4 Jul 2023 17:08:11 -0400
Subject: [PATCH] Ensure strtonum returns a number that is always positive in the range of an integer

We should be using INT_MAX, not UINT_MAX, and checking for errors via errstr, as opposed to allowing negative numbers.
---
 ssh-add.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/ssh-add.c b/ssh-add.c
index 752b86dfcd8e..e9d68e3d675c 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -788,6 +788,7 @@ main(int argc, char **argv)
 extern char *optarg;
 extern int optind;
 int agent_fd;
+ const char *errstr = NULL;
 char *pkcs11provider = NULL, *skprovider = NULL;
 char **dest_constraint_strings = NULL, **hostkey_files = NULL;
 int r, i, ch, deleting = 0, ret = 0, key_only = 0, do_download = 0;
@@ -863,16 +864,16 @@ main(int argc, char **argv)
 confirm = 1;
 break;
 case 'm':
- minleft = (int)strtonum(optarg, 1, UINT_MAX, NULL);
- if (minleft == 0) {
+ minleft = (int)strtonum(optarg, 1, INT_MAX, &errstr);
+ if (errstr) {
 usage();
 ret = 1;
 goto done;
 }
 break;
 case 'M':
- maxsign = (int)strtonum(optarg, 1, UINT_MAX, NULL);
- if (maxsign == 0) {
+ maxsign = (int)strtonum(optarg, 1, INT_MAX, &errstr);
+ if (errstr) {
 usage();
 ret = 1;
 goto done;
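Review bot: The error path in both the `case 'm':` and `case 'M':` branches discards the reason strtonum() reports: `errstr` is only tested before `usage()` is printed, so the user cannot tell whether the value was non-numeric, below 1 or above INT_MAX. Printing it ahead of the usage text would make a rejected limit easier to diagnose, e.g. `fprintf(stderr, "Invalid -m value \"%s\": %s\n", optarg, errstr);` and the `-M` equivalent. Sharing one `errstr` between the two cases is fine because strtonum() stores NULL through it on success, but a short comment such as `/* bound is INT_MAX so the (int) cast cannot wrap to a negative value */` above each call would record why the limit changed. main()'s body begins and ends outside both hunks.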