upstream commit
Replace atoi and strtol conversions for integer arguments to config keywords with a checking wrapper around strtonum. This will prevent and flag invalid and negative arguments to these keywords. ok djm@ OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
This commit is contained in:
parent
168ecec13f
commit
609d96b3d5
16
misc.c
16
misc.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: misc.c,v 1.119 2017/11/25 06:46:22 dtucker Exp $ */
|
||||
/* $OpenBSD: misc.c,v 1.120 2017/12/05 23:59:47 dtucker Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
|
||||
|
@ -2112,3 +2112,17 @@ bad:
|
|||
*errstr = errbuf;
|
||||
return 0;
|
||||
}
|
||||
|
||||
const char *
|
||||
atoi_err(const char *nptr, int *val)
|
||||
{
|
||||
const char *errstr = NULL;
|
||||
long long num;
|
||||
|
||||
if (nptr == NULL || *nptr == '\0')
|
||||
return "missing";
|
||||
num = strtonum(nptr, 0, INT_MAX, &errstr);
|
||||
if (errstr == NULL)
|
||||
*val = (int)num;
|
||||
return errstr;
|
||||
}
|
||||
|
|
3
misc.h
3
misc.h
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: misc.h,v 1.68 2017/11/25 06:46:22 dtucker Exp $ */
|
||||
/* $OpenBSD: misc.h,v 1.69 2017/12/05 23:59:47 dtucker Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
@ -74,6 +74,7 @@ double monotime_double(void);
|
|||
void lowercase(char *s);
|
||||
int unix_listener(const char *, int, int);
|
||||
int valid_domain(char *, int, const char **);
|
||||
const char *atoi_err(const char *, int *);
|
||||
|
||||
void sock_set_v6only(int);
|
||||
|
||||
|
|
16
readconf.c
16
readconf.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: readconf.c,v 1.280 2017/10/21 23:06:24 millert Exp $ */
|
||||
/* $OpenBSD: readconf.c,v 1.281 2017/12/05 23:59:47 dtucker Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -817,6 +817,7 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
|
|||
const struct multistate *multistate_ptr;
|
||||
struct allowed_cname *cname;
|
||||
glob_t gl;
|
||||
const char *errstr;
|
||||
|
||||
if (activep == NULL) { /* We are processing a command line directive */
|
||||
cmdline = 1;
|
||||
|
@ -1131,15 +1132,9 @@ parse_command:
|
|||
intptr = &options->port;
|
||||
parse_int:
|
||||
arg = strdelim(&s);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%.200s line %d: Missing argument.", filename, linenum);
|
||||
if (arg[0] < '0' || arg[0] > '9')
|
||||
fatal("%.200s line %d: Bad number.", filename, linenum);
|
||||
|
||||
/* Octal, decimal, or hex format? */
|
||||
value = strtol(arg, &endofnumber, 0);
|
||||
if (arg == endofnumber)
|
||||
fatal("%.200s line %d: Bad number.", filename, linenum);
|
||||
if ((errstr = atoi_err(arg, &value)) != NULL)
|
||||
fatal("%s line %d: integer value %s.",
|
||||
filename, linenum, errstr);
|
||||
if (*activep && *intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
|
@ -1534,7 +1529,6 @@ parse_keytypes:
|
|||
case oCanonicalDomains:
|
||||
value = options->num_canonical_domains != 0;
|
||||
while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
|
||||
const char *errstr;
|
||||
if (!valid_domain(arg, 1, &errstr)) {
|
||||
fatal("%s line %d: %s", filename, linenum,
|
||||
errstr);
|
||||
|
|
10
servconf.c
10
servconf.c
|
@ -1,5 +1,5 @@
|
|||
|
||||
/* $OpenBSD: servconf.c,v 1.321 2017/12/05 23:56:07 dtucker Exp $ */
|
||||
/* $OpenBSD: servconf.c,v 1.322 2017/12/05 23:59:47 dtucker Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
* All rights reserved
|
||||
|
@ -1152,6 +1152,7 @@ process_server_config_line(ServerOptions *options, char *line,
|
|||
size_t len;
|
||||
long long val64;
|
||||
const struct multistate *multistate_ptr;
|
||||
const char *errstr;
|
||||
|
||||
/* Strip trailing whitespace. Allow \f (form feed) at EOL only */
|
||||
if ((len = strlen(line)) == 0)
|
||||
|
@ -1441,10 +1442,9 @@ process_server_config_line(ServerOptions *options, char *line,
|
|||
intptr = &options->x11_display_offset;
|
||||
parse_int:
|
||||
arg = strdelim(&cp);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing integer value.",
|
||||
filename, linenum);
|
||||
value = atoi(arg);
|
||||
if ((errstr = atoi_err(arg, &value)) != NULL)
|
||||
fatal("%s line %d: integer value %s.",
|
||||
filename, linenum, errstr);
|
||||
if (*activep && *intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
|
|
Loading…
Reference in New Issue