Change SecRequestBody(NoFiles)Limit parsing method

src/parser/seclang-parser.yy

@@ -1609,12 +1609,20 @@ expression:
     | CONFIG_DIR_REQ_BODY_LIMIT
       {
         driver.m_requestBodyLimit.m_set = true;
-        driver.m_requestBodyLimit.m_value = atoi($1.c_str());
+        if (modsecurity::utils::string::parse_unsigned_int($1, &driver.m_requestBodyLimit.m_value) != 1) {
+          std::stringstream ss;
+          ss << "Failed to parse SecRequestBodyLimit value as an unsigned integer.";
+          driver.error(@0, ss.str());
+        }
       }
     | CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
       {
         driver.m_requestBodyNoFilesLimit.m_set = true;
-        driver.m_requestBodyNoFilesLimit.m_value = atoi($1.c_str());
+        if (modsecurity::utils::string::parse_unsigned_int($1, &driver.m_requestBodyNoFilesLimit.m_value) != 1) {
+          std::stringstream ss;
+          ss << "Failed to parse SecRequestBodyNoFilesLimit value as an unsigned integer.";
+          driver.error(@0, ss.str());
+        }
       }
     | CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT
       {

src/utils/string.h

@@ -25,6 +25,7 @@
 #include <sstream>
 #include <iomanip>
 #include <time.h>
+#include <climits>
 
 #ifdef WIN32
 #include "src/compat/msvc.h"
@@ -276,6 +277,30 @@ inline std::string toupper(std::string str) { // cppcheck-suppress passedByValue
     return toCaseHelper(str, ::toupper);
 }
 
+inline int parse_unsigned_int(std::string a, unsigned int *res) {
+    char *endptr = NULL;
+    errno = 0;
+
+    unsigned long val = strtoul(a.c_str(), &endptr, 10);
+
+    if (a.c_str() == endptr) {
+        // no number
+        return 0;
+    }
+
+    if (*endptr != '\0') {
+        // broken conversion
+        return 0;
+    }
+
+    if (errno == ERANGE || val > UINT_MAX) {
+        // unsigned int overflow
+        return 0;
+    }
+
+    *res = static_cast<unsigned int>(val);
+    return 1;
+}
 
 }  // namespace modsecurity::utils::string