Fri Jan 7 16:02:32 2011 UTC ()
Make P2K_WIZARDUID require a valid integer instead of defaulting to root.


(pooka)
diff -r1.9 -r1.10 src/lib/libp2k/p2k.3
diff -r1.53 -r1.54 src/lib/libp2k/p2k.c

cvs diff -r1.9 -r1.10 src/lib/libp2k/p2k.3 (expand / switch to context diff)
--- src/lib/libp2k/p2k.3 2011/01/07 15:50:40 1.9
+++ src/lib/libp2k/p2k.3 2011/01/07 16:02:32 1.10
@@ -1,4 +1,4 @@
-.\"     $NetBSD: p2k.3,v 1.9 2011/01/07 15:50:40 pooka Exp $
+.\"     $NetBSD: p2k.3,v 1.10 2011/01/07 16:02:32 pooka Exp $
 .\"
 .\" Copyright (c) 2008 Antti Kantee.  All rights reserved.
 .\"
@@ -118,10 +118,8 @@
 If set, use the value of the variable to determine the UID of the
 caller of each operation instead of the actual caller supplied by
 .Xr puffs 3 .
-This can be used for example to simplify modifying an OS installations
+This can be used for example to simplify modifying an OS installation's
 root image as a non-root user.
-If the variable is set but does not contain an integer value, 0
-(root) is used.
 .El
 .Sh SEE ALSO
 .Xr puffs 3 ,

cvs diff -r1.53 -r1.54 src/lib/libp2k/p2k.c (expand / switch to context diff)
--- src/lib/libp2k/p2k.c 2011/01/07 15:47:14 1.53
+++ src/lib/libp2k/p2k.c 2011/01/07 16:02:32 1.54
@@ -1,4 +1,4 @@
-/*	$NetBSD: p2k.c,v 1.53 2011/01/07 15:47:14 pooka Exp $	*/
+/*	$NetBSD: p2k.c,v 1.54 2011/01/07 16:02:32 pooka Exp $	*/
 
 /*
  * Copyright (c) 2007, 2008, 2009  Antti Kantee.  All Rights Reserved.
@@ -344,10 +344,17 @@
 		puffs_flags |= PUFFS_KFLAG_NOCACHE;
 	}
 	if ((envbuf = getenv("P2K_WIZARDUID")) != NULL) {
-		/* default to 0 in error cases */
-		wizarduid = atoi(envbuf);
-		haswizard = 1;
-		printf("P2K WIZARD MODE: using uid %d\n", wizarduid);
+		char *ep;
+
+		wizarduid = strtoul(envbuf, &ep, 10);
+		if (envbuf[0] == '\0' || *ep != '\0') {
+			printf("P2K_WIZARDUID: invalid uid %s\n", envbuf);
+		} else if (wizarduid > UID_MAX) {
+			printf("P2K_WIZARDUID: uid %s out-of-range\n", envbuf);
+		} else {
+			haswizard = 1;
+			printf("P2K WIZARD MODE: using uid %d\n", wizarduid);
+		}
 	}
 
 	p2m = allocp2m();
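Review bot: The `strtoul()` result is stored in `wizarduid` before the `> UID_MAX` test, so the range check runs on the already-converted value rather than on what was parsed. The declaration of `wizarduid` is outside the hunk; if it is a 32-bit type (the `%d` in the success message suggests so), then on an LP64 platform a value such as 4294967296 would wrap to 0 and be accepted as uid 0, which is the outcome this commit sets out to prevent. Parse into an `unsigned long` local, range-check that, and assign to `wizarduid` only in the success branch. The same comparison then also rejects strtoul's ULONG_MAX overflow return and an input like `-1`. The enclosing function begins and ends outside the hunk.

```c
		char *ep;
		unsigned long uidval;

		uidval = strtoul(envbuf, &ep, 10);
		/* … unchanged: empty / trailing-garbage check and its message … */
		} else if (uidval > UID_MAX) {
			/* … unchanged: out-of-range message … */
		} else {
			wizarduid = uidval;
			/* … unchanged: haswizard = 1 and wizard-mode message … */
		}
```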