From f47b84b57ff74915820d26efc30459158bbe5c9c Mon Sep 17 00:00:00 2001 From: Yang Tse Date: Thu, 4 Feb 2010 17:17:19 +0000 Subject: [PATCH] Validate server port argument --- tests/server/rtspd.c | 11 ++++++++++- tests/server/sockfilt.c | 22 ++++++++++++++++++++-- tests/server/sws.c | 11 ++++++++++- tests/server/tftpd.c | 11 ++++++++++- 4 files changed, 50 insertions(+), 5 deletions(-) diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index 6c3366bb4..7a5ef62a3 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -1174,7 +1174,16 @@ int main(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc>arg) { - port = (unsigned short)atoi(argv[arg]); + char *endptr; + long lnum = -1; + lnum = strtol(argv[arg], &endptr, 10); + if((endptr != argv[arg] + strlen(argv[arg])) || + (lnum < 1025L) || (lnum > 65535L)) { + fprintf(stderr, "rtspd: invalid --port argument (%s)\n", + argv[arg]); + return 0; + } + port = (unsigned short)(lnum & 0xFFFFL); arg++; } } diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index 15993a5ab..8abde8b51 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -890,7 +890,16 @@ int main(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc>arg) { - port = (unsigned short)atoi(argv[arg]); + char *endptr; + long lnum = -1; + lnum = strtol(argv[arg], &endptr, 10); + if((endptr != argv[arg] + strlen(argv[arg])) || + ((lnum != 0L) && ((lnum < 1025L) || (lnum > 65535L)))) { + fprintf(stderr, "sockfilt: invalid --port argument (%s)\n", + argv[arg]); + return 0; + } + port = (unsigned short)(lnum & 0xFFFFL); arg++; } } @@ -899,7 +908,16 @@ int main(int argc, char *argv[]) doing a passive server-style listening. */ arg++; if(argc>arg) { - connectport = (unsigned short)atoi(argv[arg]); + char *endptr; + long lnum = -1; + lnum = strtol(argv[arg], &endptr, 10); + if((endptr != argv[arg] + strlen(argv[arg])) || + (lnum < 1025L) || (lnum > 65535L)) { + fprintf(stderr, "sockfilt: invalid --connect argument (%s)\n", + argv[arg]); + return 0; + } + connectport = (unsigned short)(lnum & 0xFFFFL); arg++; } } diff --git a/tests/server/sws.c b/tests/server/sws.c index 62721b1bc..16485f2f9 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -1082,7 +1082,16 @@ int main(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc>arg) { - port = (unsigned short)atoi(argv[arg]); + char *endptr; + long lnum = -1; + lnum = strtol(argv[arg], &endptr, 10); + if((endptr != argv[arg] + strlen(argv[arg])) || + (lnum < 1025L) || (lnum > 65535L)) { + fprintf(stderr, "sws: invalid --port argument (%s)\n", + argv[arg]); + return 0; + } + port = (unsigned short)(lnum & 0xFFFFL); arg++; } } diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index eefeb3ea4..91e51cf42 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -708,7 +708,16 @@ int main(int argc, char **argv) else if(!strcmp("--port", argv[arg])) { arg++; if(argc>arg) { - port = (unsigned short)atoi(argv[arg]); + char *endptr; + long lnum = -1; + lnum = strtol(argv[arg], &endptr, 10); + if((endptr != argv[arg] + strlen(argv[arg])) || + (lnum < 1025L) || (lnum > 65535L)) { + fprintf(stderr, "tftpd: invalid --port argument (%s)\n", + argv[arg]); + return 0; + } + port = (unsigned short)(lnum & 0xFFFFL); arg++; } }