[openssh-commits] [openssh] 05/06: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Dec 7 11:49:28 AEDT 2017


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 609d96b3d58475a15b2eb6b3d463f2c5d8e510c0
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Tue Dec 5 23:59:47 2017 +0000

    upstream commit
    
    Replace atoi and strtol conversions for integer arguments
    to config keywords with a checking wrapper around strtonum.  This will
    prevent and flag invalid and negative arguments to these keywords.  ok djm@
    
    OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
---
 misc.c     | 16 +++++++++++++++-
 misc.h     |  3 ++-
 readconf.c | 16 +++++-----------
 servconf.c | 10 +++++-----
 4 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/misc.c b/misc.c
index dfa0bb33..3d6bc356 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.119 2017/11/25 06:46:22 dtucker Exp $ */
+/* $OpenBSD: misc.c,v 1.120 2017/12/05 23:59:47 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -2112,3 +2112,17 @@ bad:
 		*errstr = errbuf;
 	return 0;
 }
+
+const char *
+atoi_err(const char *nptr, int *val)
+{
+	const char *errstr = NULL;
+	long long num;
+
+	if (nptr == NULL || *nptr == '\0')
+		return "missing";
+	num = strtonum(nptr, 0, INT_MAX, &errstr);
+	if (errstr == NULL)
+		*val = (int)num;
+	return errstr;
+}
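Review bot: atoi_err() has no contract comment, and its name suggests atoi() semantics that it does not have. From the visible body it accepts only a decimal value in 0..INT_MAX via strtonum(), returns "missing" for a NULL or empty string, and leaves `*val` unwritten on any error; the returned pointer is a constant string that callers must not free. I would add above the definition: `/* Convert a decimal string to a non-negative int. Returns NULL on success, else a static error string; *val is unchanged on error. */`. Callers that need a tighter range (a port number, for example) still have to check it themselves, since the upper bound here is fixed at INT_MAX.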
diff --git a/misc.h b/misc.h
index 4fa029a2..e8e6a18d 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.68 2017/11/25 06:46:22 dtucker Exp $ */
+/* $OpenBSD: misc.h,v 1.69 2017/12/05 23:59:47 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -74,6 +74,7 @@ double	 monotime_double(void);
 void	 lowercase(char *s);
 int	 unix_listener(const char *, int, int);
 int	 valid_domain(char *, int, const char **);
+const char *atoi_err(const char *, int *);
 
 void	 sock_set_v6only(int);
 
diff --git a/readconf.c b/readconf.c
index 63baa7d7..10b57bd4 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.280 2017/10/21 23:06:24 millert Exp $ */
+/* $OpenBSD: readconf.c,v 1.281 2017/12/05 23:59:47 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -817,6 +817,7 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
 	const struct multistate *multistate_ptr;
 	struct allowed_cname *cname;
 	glob_t gl;
+	const char *errstr;
 
 	if (activep == NULL) { /* We are processing a command line directive */
 		cmdline = 1;
@@ -1131,15 +1132,9 @@ parse_command:
 		intptr = &options->port;
 parse_int:
 		arg = strdelim(&s);
-		if (!arg || *arg == '\0')
-			fatal("%.200s line %d: Missing argument.", filename, linenum);
-		if (arg[0] < '0' || arg[0] > '9')
-			fatal("%.200s line %d: Bad number.", filename, linenum);
-
-		/* Octal, decimal, or hex format? */
-		value = strtol(arg, &endofnumber, 0);
-		if (arg == endofnumber)
-			fatal("%.200s line %d: Bad number.", filename, linenum);
+		if ((errstr = atoi_err(arg, &value)) != NULL)
+			fatal("%s line %d: integer value %s.",
+			    filename, linenum, errstr);
 		if (*activep && *intptr == -1)
 			*intptr = value;
 		break;
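Review bot: The replaced `strtol(arg, &endofnumber, 0)` parsed octal and hex as well as decimal, while strtonum() inside atoi_err() is decimal-only, so this parse_int path changes the meaning of some existing client configuration values without reporting it. A `0x`-prefixed value now fails with "invalid", which is visible, but a leading-zero value such as `010` was 8 before and is silently 10 now. The commit message mentions only invalid and negative arguments, so this deserves a comment at the label, e.g. `/* decimal only: leading zeros are not octal, 0x is rejected */`, and a line in the release notes. `endofnumber` may now be unused if no other case in this function needs it; the function body starts and ends outside the hunk, so that cannot be confirmed here.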
@@ -1534,7 +1529,6 @@ parse_keytypes:
 	case oCanonicalDomains:
 		value = options->num_canonical_domains != 0;
 		while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
-			const char *errstr;
 			if (!valid_domain(arg, 1, &errstr)) {
 				fatal("%s line %d: %s", filename, linenum,
 				    errstr);
diff --git a/servconf.c b/servconf.c
index a9d727fd..ff94bbd6 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.321 2017/12/05 23:56:07 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.322 2017/12/05 23:59:47 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1152,6 +1152,7 @@ process_server_config_line(ServerOptions *options, char *line,
 	size_t len;
 	long long val64;
 	const struct multistate *multistate_ptr;
+	const char *errstr;
 
 	/* Strip trailing whitespace. Allow \f (form feed) at EOL only */
 	if ((len = strlen(line)) == 0)
@@ -1441,10 +1442,9 @@ process_server_config_line(ServerOptions *options, char *line,
 		intptr = &options->x11_display_offset;
  parse_int:
 		arg = strdelim(&cp);
-		if (!arg || *arg == '\0')
-			fatal("%s line %d: missing integer value.",
-			    filename, linenum);
-		value = atoi(arg);
+		if ((errstr = atoi_err(arg, &value)) != NULL)
+			fatal("%s line %d: integer value %s.",
+			    filename, linenum, errstr);
 		if (*activep && *intptr == -1)
 			*intptr = value;
 		break;
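Review bot: The new fatal() text at parse_int reports only the reason string returned by atoi_err() and not the offending token, and the same message is used in the readconf.c parse_int hunk. Because the removed `atoi(arg)` accepted trailing garbage and negative numbers without complaint, a configuration file that loaded before this change can now stop the daemon from starting, and the operator gets no hint which value is at fault beyond the line number. I would print the token as well: `fatal("%s line %d: integer value %s: \"%.100s\".", filename, linenum, errstr, arg ? arg : "");`. It is worth validating the configuration with `sshd -t` before restarting after an upgrade. process_server_config_line() starts and ends outside the hunk, so which keywords reach parse_int cannot be checked here.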
