1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00

setopt: range check most long options

... filter early instead of risking "funny values" having to be dealt
with elsewhere.
This commit is contained in:
Daniel Stenberg 2017-10-14 17:20:13 +02:00
parent 172ce9cc19
commit f121575c0b
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

187
lib/url.c
View File

@ -721,13 +721,14 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
char *argptr; char *argptr;
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
long arg; long arg;
#ifndef CURL_DISABLE_HTTP
curl_off_t bigsize; curl_off_t bigsize;
#endif
switch(option) { switch(option) {
case CURLOPT_DNS_CACHE_TIMEOUT: case CURLOPT_DNS_CACHE_TIMEOUT:
data->set.dns_cache_timeout = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.dns_cache_timeout = arg;
break; break;
case CURLOPT_DNS_USE_GLOBAL_CACHE: case CURLOPT_DNS_USE_GLOBAL_CACHE:
/* remember we want this enabled */ /* remember we want this enabled */
@ -765,7 +766,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* Set the absolute number of maximum simultaneous alive connection that * Set the absolute number of maximum simultaneous alive connection that
* libcurl is allowed to have. * libcurl is allowed to have.
*/ */
data->set.maxconnects = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.maxconnects = arg;
break; break;
case CURLOPT_FORBID_REUSE: case CURLOPT_FORBID_REUSE:
/* /*
@ -892,7 +896,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* TFTP option that specifies the block size to use for data transmission. * TFTP option that specifies the block size to use for data transmission.
*/ */
data->set.tftp_blksize = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.tftp_blksize = arg;
break; break;
case CURLOPT_DIRLISTONLY: case CURLOPT_DIRLISTONLY:
/* /*
@ -911,13 +918,19 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* How do access files over FTP. * How do access files over FTP.
*/ */
data->set.ftp_filemethod = (curl_ftpfile)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURLFTPMETHOD_DEFAULT) || (arg > CURLFTPMETHOD_SINGLECWD))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.ftp_filemethod = (curl_ftpfile)arg;
break; break;
case CURLOPT_NETRC: case CURLOPT_NETRC:
/* /*
* Parse the $HOME/.netrc file * Parse the $HOME/.netrc file
*/ */
data->set.use_netrc = (enum CURL_NETRC_OPTION)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURL_NETRC_IGNORED) || (arg > CURL_NETRC_REQUIRED))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.use_netrc = (enum CURL_NETRC_OPTION)arg;
break; break;
case CURLOPT_NETRC_FILE: case CURLOPT_NETRC_FILE:
/* /*
@ -940,7 +953,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* Set HTTP time condition. This must be one of the defines in the * Set HTTP time condition. This must be one of the defines in the
* curl/curl.h header file. * curl/curl.h header file.
*/ */
data->set.timecondition = (curl_TimeCond)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURL_TIMECOND_NONE) || (arg > CURL_TIMECOND_LASTMOD))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.timecondition = (curl_TimeCond)arg;
break; break;
case CURLOPT_TIMEVALUE: case CURLOPT_TIMEVALUE:
/* /*
@ -956,6 +972,8 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
*/ */
#ifdef USE_SSL #ifdef USE_SSL
arg = va_arg(param, long); arg = va_arg(param, long);
if((arg < CURL_SSLVERSION_DEFAULT) || (arg > CURL_SSLVERSION_TLSv1_3))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.ssl.primary.version = C_SSLVERSION_VALUE(arg); data->set.ssl.primary.version = C_SSLVERSION_VALUE(arg);
data->set.ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg); data->set.ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg);
#else #else
@ -969,6 +987,8 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
*/ */
#ifdef USE_SSL #ifdef USE_SSL
arg = va_arg(param, long); arg = va_arg(param, long);
if((arg < CURL_SSLVERSION_DEFAULT) || (arg > CURL_SSLVERSION_TLSv1_3))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.proxy_ssl.primary.version = C_SSLVERSION_VALUE(arg); data->set.proxy_ssl.primary.version = C_SSLVERSION_VALUE(arg);
data->set.proxy_ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg); data->set.proxy_ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg);
#else #else
@ -1026,7 +1046,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* The maximum amount of hops you allow curl to follow Location: * The maximum amount of hops you allow curl to follow Location:
* headers. This should mostly be used to detect never-ending loops. * headers. This should mostly be used to detect never-ending loops.
*/ */
data->set.maxredirs = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.maxredirs = arg;
break; break;
case CURLOPT_POSTREDIR: case CURLOPT_POSTREDIR:
@ -1041,6 +1064,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* other - POST is kept as POST after 301 and 302 * other - POST is kept as POST after 301 and 302
*/ */
arg = va_arg(param, long); arg = va_arg(param, long);
if(arg < CURL_REDIR_GET_ALL)
/* no return error on too high numbers since the bitmask could be
extended in a future */
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.keep_post = arg & CURL_REDIR_POST_ALL; data->set.keep_post = arg & CURL_REDIR_POST_ALL;
} }
break; break;
@ -1120,6 +1147,8 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* figure it out. Enables binary posts. * figure it out. Enables binary posts.
*/ */
bigsize = va_arg(param, long); bigsize = va_arg(param, long);
if(bigsize < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
if(data->set.postfieldsize < bigsize && if(data->set.postfieldsize < bigsize &&
data->set.postfields == data->set.str[STRING_COPYPOSTFIELDS]) { data->set.postfields == data->set.str[STRING_COPYPOSTFIELDS]) {
@ -1369,9 +1398,14 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* the listed enums in curl/curl.h. * the listed enums in curl/curl.h.
*/ */
arg = va_arg(param, long); arg = va_arg(param, long);
if(arg < CURL_HTTP_VERSION_NONE)
return CURLE_BAD_FUNCTION_ARGUMENT;
#ifndef USE_NGHTTP2 #ifndef USE_NGHTTP2
if(arg >= CURL_HTTP_VERSION_2) if(arg >= CURL_HTTP_VERSION_2)
return CURLE_UNSUPPORTED_PROTOCOL; return CURLE_UNSUPPORTED_PROTOCOL;
#else
if(arg > CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE)
return CURLE_UNSUPPORTED_PROTOCOL;
#endif #endif
data->set.httpversion = arg; data->set.httpversion = arg;
break; break;
@ -1381,7 +1415,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* Time to wait for a response to a HTTP request containing an * Time to wait for a response to a HTTP request containing an
* Expect: 100-continue header before sending the data anyway. * Expect: 100-continue header before sending the data anyway.
*/ */
data->set.expect_100_timeout = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.expect_100_timeout = arg;
break; break;
#endif /* CURL_DISABLE_HTTP */ #endif /* CURL_DISABLE_HTTP */
@ -1463,7 +1500,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Explicitly set HTTP proxy port number. * Explicitly set HTTP proxy port number.
*/ */
data->set.proxyport = va_arg(param, long); arg = va_arg(param, long);
if((arg < 0) || (arg > 65535))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.proxyport = arg;
break; break;
case CURLOPT_PROXYAUTH: case CURLOPT_PROXYAUTH:
@ -1546,7 +1586,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Set proxy type. HTTP/HTTP_1_0/SOCKS4/SOCKS4a/SOCKS5/SOCKS5_HOSTNAME * Set proxy type. HTTP/HTTP_1_0/SOCKS4/SOCKS4a/SOCKS5/SOCKS5_HOSTNAME
*/ */
data->set.proxytype = (curl_proxytype)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURLPROXY_HTTP) || (arg > CURLPROXY_SOCKS5_HOSTNAME))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.proxytype = (curl_proxytype)arg;
break; break;
case CURLOPT_PROXY_TRANSFER_MODE: case CURLOPT_PROXY_TRANSFER_MODE:
@ -1645,7 +1688,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
break; break;
case CURLOPT_FTP_SSL_CCC: case CURLOPT_FTP_SSL_CCC:
data->set.ftp_ccc = (curl_ftpccc)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURLFTPSSL_CCC_NONE) || (arg > CURLFTPSSL_CCC_ACTIVE))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.ftp_ccc = (curl_ftpccc)arg;
break; break;
case CURLOPT_FTP_SKIP_PASV_IP: case CURLOPT_FTP_SKIP_PASV_IP:
@ -1668,42 +1714,60 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
* If known, this should inform curl about the file size of the * If known, this should inform curl about the file size of the
* to-be-uploaded file. * to-be-uploaded file.
*/ */
data->set.filesize = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.filesize = arg;
break; break;
case CURLOPT_INFILESIZE_LARGE: case CURLOPT_INFILESIZE_LARGE:
/* /*
* If known, this should inform curl about the file size of the * If known, this should inform curl about the file size of the
* to-be-uploaded file. * to-be-uploaded file.
*/ */
data->set.filesize = va_arg(param, curl_off_t); bigsize = va_arg(param, curl_off_t);
if(bigsize < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.filesize = bigsize;
break; break;
case CURLOPT_LOW_SPEED_LIMIT: case CURLOPT_LOW_SPEED_LIMIT:
/* /*
* The low speed limit that if transfers are below this for * The low speed limit that if transfers are below this for
* CURLOPT_LOW_SPEED_TIME, the transfer is aborted. * CURLOPT_LOW_SPEED_TIME, the transfer is aborted.
*/ */
data->set.low_speed_limit = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.low_speed_limit = arg;
break; break;
case CURLOPT_MAX_SEND_SPEED_LARGE: case CURLOPT_MAX_SEND_SPEED_LARGE:
/* /*
* When transfer uploads are faster then CURLOPT_MAX_SEND_SPEED_LARGE * When transfer uploads are faster then CURLOPT_MAX_SEND_SPEED_LARGE
* bytes per second the transfer is throttled.. * bytes per second the transfer is throttled..
*/ */
data->set.max_send_speed = va_arg(param, curl_off_t); bigsize = va_arg(param, curl_off_t);
if(bigsize < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.max_send_speed = bigsize;
break; break;
case CURLOPT_MAX_RECV_SPEED_LARGE: case CURLOPT_MAX_RECV_SPEED_LARGE:
/* /*
* When receiving data faster than CURLOPT_MAX_RECV_SPEED_LARGE bytes per * When receiving data faster than CURLOPT_MAX_RECV_SPEED_LARGE bytes per
* second the transfer is throttled.. * second the transfer is throttled..
*/ */
data->set.max_recv_speed = va_arg(param, curl_off_t); bigsize = va_arg(param, curl_off_t);
if(bigsize < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.max_recv_speed = bigsize;
break; break;
case CURLOPT_LOW_SPEED_TIME: case CURLOPT_LOW_SPEED_TIME:
/* /*
* The low speed time that if transfers are below the set * The low speed time that if transfers are below the set
* CURLOPT_LOW_SPEED_LIMIT during this time, the transfer is aborted. * CURLOPT_LOW_SPEED_LIMIT during this time, the transfer is aborted.
*/ */
data->set.low_speed_time = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.low_speed_time = arg;
break; break;
case CURLOPT_URL: case CURLOPT_URL:
/* /*
@ -1722,7 +1786,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* The port number to use when getting the URL * The port number to use when getting the URL
*/ */
data->set.use_port = va_arg(param, long); arg = va_arg(param, long);
if((arg < 0) || (arg > 65535))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.use_port = arg;
break; break;
case CURLOPT_TIMEOUT: case CURLOPT_TIMEOUT:
/* /*
@ -1737,7 +1804,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
break; break;
case CURLOPT_TIMEOUT_MS: case CURLOPT_TIMEOUT_MS:
data->set.timeout = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.timeout = arg;
break; break;
case CURLOPT_CONNECTTIMEOUT: case CURLOPT_CONNECTTIMEOUT:
@ -1752,14 +1822,20 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
break; break;
case CURLOPT_CONNECTTIMEOUT_MS: case CURLOPT_CONNECTTIMEOUT_MS:
data->set.connecttimeout = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.connecttimeout = arg;
break; break;
case CURLOPT_ACCEPTTIMEOUT_MS: case CURLOPT_ACCEPTTIMEOUT_MS:
/* /*
* The maximum time you allow curl to wait for server connect * The maximum time you allow curl to wait for server connect
*/ */
data->set.accepttimeout = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.accepttimeout = arg;
break; break;
case CURLOPT_USERPWD: case CURLOPT_USERPWD:
@ -1908,13 +1984,19 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Resume transfer at the given file position * Resume transfer at the given file position
*/ */
data->set.set_resume_from = va_arg(param, long); arg = va_arg(param, long);
if(arg < -1)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.set_resume_from = arg;
break; break;
case CURLOPT_RESUME_FROM_LARGE: case CURLOPT_RESUME_FROM_LARGE:
/* /*
* Resume transfer at the given file position * Resume transfer at the given file position
*/ */
data->set.set_resume_from = va_arg(param, curl_off_t); bigsize = va_arg(param, curl_off_t);
if(bigsize < -1)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.set_resume_from = bigsize;
break; break;
case CURLOPT_DEBUGFUNCTION: case CURLOPT_DEBUGFUNCTION:
/* /*
@ -2143,9 +2225,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
break; break;
case CURLOPT_GSSAPI_DELEGATION: case CURLOPT_GSSAPI_DELEGATION:
/* /*
* GSS-API credential delegation * GSS-API credential delegation bitmask
*/ */
data->set.gssapi_delegation = va_arg(param, long); arg = va_arg(param, long);
if(arg < CURLGSSAPI_DELEGATION_NONE)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.gssapi_delegation = arg;
break; break;
case CURLOPT_SSL_VERIFYPEER: case CURLOPT_SSL_VERIFYPEER:
/* /*
@ -2488,7 +2573,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Set the maximum size of a file to download. * Set the maximum size of a file to download.
*/ */
data->set.max_filesize = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.max_filesize = arg;
break; break;
#ifdef USE_SSL #ifdef USE_SSL
@ -2496,7 +2584,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Make transfers attempt to use SSL/TLS. * Make transfers attempt to use SSL/TLS.
*/ */
data->set.use_ssl = (curl_usessl)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURLUSESSL_NONE) || (arg > CURLUSESSL_ALL))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.use_ssl = (curl_usessl)arg;
break; break;
case CURLOPT_SSL_OPTIONS: case CURLOPT_SSL_OPTIONS:
@ -2516,18 +2607,27 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Set a specific auth for FTP-SSL transfers. * Set a specific auth for FTP-SSL transfers.
*/ */
data->set.ftpsslauth = (curl_ftpauth)va_arg(param, long); arg = va_arg(param, long);
if((arg < CURLFTPAUTH_DEFAULT) || (arg > CURLFTPAUTH_TLS))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.ftpsslauth = (curl_ftpauth)arg;
break; break;
case CURLOPT_IPRESOLVE: case CURLOPT_IPRESOLVE:
data->set.ipver = va_arg(param, long); arg = va_arg(param, long);
if((arg < CURL_IPRESOLVE_WHATEVER) || (arg > CURL_IPRESOLVE_V6))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.ipver = arg;
break; break;
case CURLOPT_MAXFILESIZE_LARGE: case CURLOPT_MAXFILESIZE_LARGE:
/* /*
* Set the maximum size of a file to download. * Set the maximum size of a file to download.
*/ */
data->set.max_filesize = va_arg(param, curl_off_t); bigsize = va_arg(param, curl_off_t);
if(bigsize < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.max_filesize = bigsize;
break; break;
case CURLOPT_TCP_NODELAY: case CURLOPT_TCP_NODELAY:
@ -2612,6 +2712,9 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
#ifdef USE_LIBSSH2 #ifdef USE_LIBSSH2
/* we only include SSH options if explicitly built to support SSH */ /* we only include SSH options if explicitly built to support SSH */
case CURLOPT_SSH_AUTH_TYPES: case CURLOPT_SSH_AUTH_TYPES:
arg = va_arg(param, long);
if(arg < CURLSSH_AUTH_NONE)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.ssh_auth_types = va_arg(param, long); data->set.ssh_auth_types = va_arg(param, long);
break; break;
@ -2681,14 +2784,20 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
/* /*
* Uses these permissions instead of 0644 * Uses these permissions instead of 0644
*/ */
data->set.new_file_perms = va_arg(param, long); arg = va_arg(param, long);
if((arg < 0) || (arg > 0777))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.new_file_perms = arg;
break; break;
case CURLOPT_NEW_DIRECTORY_PERMS: case CURLOPT_NEW_DIRECTORY_PERMS:
/* /*
* Uses these permissions instead of 0755 * Uses these permissions instead of 0755
*/ */
data->set.new_directory_perms = va_arg(param, long); arg = va_arg(param, long);
if((arg < 0) || (arg > 0777))
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.new_directory_perms = arg;
break; break;
case CURLOPT_ADDRESS_SCOPE: case CURLOPT_ADDRESS_SCOPE:
@ -2935,10 +3044,16 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
data->set.tcp_keepalive = (0 != va_arg(param, long)) ? TRUE : FALSE; data->set.tcp_keepalive = (0 != va_arg(param, long)) ? TRUE : FALSE;
break; break;
case CURLOPT_TCP_KEEPIDLE: case CURLOPT_TCP_KEEPIDLE:
data->set.tcp_keepidle = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.tcp_keepidle = arg;
break; break;
case CURLOPT_TCP_KEEPINTVL: case CURLOPT_TCP_KEEPINTVL:
data->set.tcp_keepintvl = va_arg(param, long); arg = va_arg(param, long);
if(arg < 0)
return CURLE_BAD_FUNCTION_ARGUMENT;
data->set.tcp_keepintvl = arg;
break; break;
case CURLOPT_TCP_FASTOPEN: case CURLOPT_TCP_FASTOPEN:
#if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) #if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN)