author | Shawn Routhier <sar@isc.org> | 2009-01-06 00:50:38 +0000 |
---|---|---|
committer | Shawn Routhier <sar@isc.org> | 2009-01-06 00:50:38 +0000 |
commit | 1ebba9903a12c19d07a4ba9b4bb173052cd6a055 (patch) | |
tree | 582317717961b7a3a5923a437cfe5e792b4a6f61 | |
parent | 423028f75472c8d534ab476333f9498417f0c4f9 (diff) | |
download | isc-dhcp-1ebba9903a12c19d07a4ba9b4bb173052cd6a055.tar.gz |
Validate argument to port option - bug 18695
-rw-r--r-- | RELNOTES | 4 | ||||
-rw-r--r-- | client/dhclient.c | 2 | ||||
-rw-r--r-- | common/inet.c | 27 | ||||
-rw-r--r-- | includes/dhcpd.h | 2 | ||||
-rw-r--r-- | relay/dhcrelay.c | 2 | ||||
-rw-r--r-- | server/dhcpd.c | 12 |
6 files changed, 35 insertions, 14 deletions
@@ -52,6 +52,10 @@ may not work on other platforms. Please report any problems and suggested fixes to <dhcp-users@isc.org>. + Changes since 4.0.1 (bug fixes) + +- Validate the argument to the -p option. + Changes since 4.0.1rc1 - None. diff --git a/client/dhclient.c b/client/dhclient.c index 944b2860..54626aae 100644 --- a/client/dhclient.c +++ b/client/dhclient.c @@ -164,7 +164,7 @@ main(int argc, char **argv) { } else if (!strcmp (argv [i], "-p")) { if (++i == argc) usage (); - local_port = htons (atoi (argv [i])); + local_port = validate_port (argv [i]); log_debug ("binding to user-specified port %d", ntohs (local_port)); } else if (!strcmp (argv [i], "-d")) { diff --git a/common/inet.c b/common/inet.c index 7bee0888..1d50d40e 100644 --- a/common/inet.c +++ b/common/inet.c @@ -1,10 +1,10 @@ /* inet.c - Subroutines to manipulate internet addresses in a safely portable + Subroutines to manipulate internet addresses and ports in a safely portable way... */ /* - * Copyright (c) 2004,2005,2007 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004,2005,2007,2008 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 1995-2003 by Internet Software Consortium * * Permission to use, copy, modify, and distribute this software for any @@ -604,3 +604,26 @@ piaddrcidr(const struct iaddr *addr, unsigned int bits) { return ret; } +/* Validate that the string represents a valid port number and + * return it in network byte order + */ + +u_int16_t +validate_port(char *port) { + int local_port = 0; + int lower = 1; + int upper = 65535; + char *endptr; + + errno = 0; + local_port = strtol(port, &endptr, 10); + + if ((*endptr != '\0') || (errno == ERANGE) || (errno == EINVAL)) + log_fatal ("Invalid port number specification: %s", port); + + if (local_port < lower || local_port > upper) + log_fatal("Port number specified is out of range (%d-%d).", + lower, upper); + + return htons(local_port); +} 
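Review bot: In validate_port (common/inet.c) the result of strtol() is stored in `int local_port`, so where long is wider than int a value such as 4294967297 raises no ERANGE and can be narrowed to a small number that then passes the 1-65535 check. Declaring it as `long local_port = 0;` keeps the range test on the value strtol() actually parsed. An empty argument is only caught by the range check, because no digits leaves the result at 0; adding `(endptr == port) ||` to the first condition would report it as an invalid specification instead. The function also appears to rely on log_fatal() not returning, which is not visible in this hunk and would be worth stating in the header comment.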
diff --git a/includes/dhcpd.h b/includes/dhcpd.h index 7652e7ba..ab23ed39 100644 --- a/includes/dhcpd.h +++ b/includes/dhcpd.h @@ -40,6 +40,7 @@ #include <sys/socket.h> #include <sys/un.h> #include <arpa/inet.h> +#include <errno.h> #include <netdb.h> #else @@ -2378,6 +2379,7 @@ isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result); const char *piaddr PROTO ((struct iaddr)); char *piaddrmask(struct iaddr *, struct iaddr *); char *piaddrcidr(const struct iaddr *, unsigned int); +u_int16_t validate_port(char *); /* dhclient.c */ extern int nowait; diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c index 60b5ce81..fd132a93 100644 --- a/relay/dhcrelay.c +++ b/relay/dhcrelay.c @@ -144,7 +144,7 @@ main(int argc, char **argv) { if (!strcmp (argv [i], "-p")) { if (++i == argc) usage (); - local_port = htons (atoi (argv [i])); + local_port = validate_port (argv [i]); log_debug ("binding to user-specified port %d", ntohs (local_port)); } else if (!strcmp (argv [i], "-d")) { diff --git a/server/dhcpd.c b/server/dhcpd.c index 7cf05bd7..e800fa6b 100644 --- a/server/dhcpd.c +++ b/server/dhcpd.c @@ -259,15 +259,7 @@ main(int argc, char **argv) { if (!strcmp (argv [i], "-p")) { if (++i == argc) usage (); - for (s = argv [i]; *s; s++) - if (!isdigit ((unsigned char)*s)) - log_fatal ("%s: not a valid UDP port", - argv [i]); - status = atoi (argv [i]); - if (status < 1 || status > 65535) - log_fatal ("%s: not a valid UDP port", - argv [i]); - local_port = htons (status); + local_port = validate_port (argv [i]); log_debug ("binding to user-specified port %d", ntohs (local_port)); } else if (!strcmp (argv [i], "-f")) { @@ -440,7 +432,7 @@ main(int argc, char **argv) { if (!local_port) { if ((s = getenv ("DHCPD_PORT"))) { - local_port = htons (atoi (s)); + local_port = validate_port (s); log_debug ("binding to environment-specified port %d", ntohs (local_port)); } else { |
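Review bot: The added `#include <errno.h>` in includes/dhcpd.h sits just above an `#else`, so it is only pulled in on one branch of a conditional whose condition is outside the hunk. validate_port in common/inet.c uses `errno`, `ERANGE` and `EINVAL` unconditionally. Unless the other branch gets errno.h from somewhere else, that configuration would presumably fail to compile. Moving the include outside the conditional, or adding `#include <errno.h>` to common/inet.c itself, removes the dependency on the branch.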
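Review bot: The new prototype `u_int16_t validate_port(char *);` takes a mutable pointer although the definition in common/inet.c only reads the string. `u_int16_t validate_port(const char *);`, with the matching change to the definition, documents that the argument is not modified and lets callers pass constant strings without a cast.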
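Review bot: The check removed from the `-p` branch of server/dhcpd.c rejected any non-digit character, whereas validate_port parses with strtol(), which skips leading whitespace and accepts a sign. An argument like `" +67"` is therefore accepted by dhcpd now, where it was previously fatal. The out-of-range message also no longer echoes the offending argument the way `%s: not a valid UDP port` did. If the stricter behaviour is wanted, validate_port could first test `if (!isdigit ((unsigned char)port [0]))` and call log_fatal with the existing "Invalid port number specification: %s" message.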
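Review bot: When the port comes from `DHCPD_PORT`, a bad value now ends in validate_port's generic "Invalid port number specification" error, which does not tell the operator that the value came from the environment rather than `-p`. A comment on the call such as `/* DHCPD_PORT is validated like -p; a malformed value is fatal */` would record the behaviour change from the old `atoi (s)` path, which silently yielded port 0 for non-numeric input. This assumes log_fatal() terminates the process, which the hunk does not show.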