authorericj <>2001-06-26 21:57:35 +0000
committerericj <>2001-06-26 21:57:35 +0000
commitf36a4af8154cedf09d0fa63c6e4285c59dad8b52 (patch)
tree944e83dc49b8a4ebb0fdd7ca26a87a7b2be9cab7
parenta7aeca6ef84a292d194872ebab09fb9f36ae82b2 (diff)
be wary of atoi().
suggested by theo.. also do range checking on ports
-rw-r--r--src/usr.bin/nc/netcat.c27
1 files changed, 19 insertions, 8 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c
index 2d179f559d..70d98da2b1 100644
--- a/src/usr.bin/nc/netcat.c
+++ b/src/usr.bin/nc/netcat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: netcat.c,v 1.25 2001/06/26 21:19:14 ericj Exp $ */ 1/* $OpenBSD: netcat.c,v 1.26 2001/06/26 21:57:35 ericj Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> 3 * Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
4 * 4 *
@@ -79,7 +79,7 @@ main(argc, argv)
79 char *argv[]; 79 char *argv[];
80{ 80{
81 int ch, s, ret = 1; 81 int ch, s, ret = 1;
82 char *host, *uport; 82 char *host, *uport, *endp;
83 struct addrinfo hints; 83 struct addrinfo hints;
84 struct servent *sv = 0; 84 struct servent *sv = 0;
85 socklen_t len; 85 socklen_t len;
@@ -97,7 +97,9 @@ main(argc, argv)
97 help(); 97 help();
98 break; 98 break;
99 case 'i': 99 case 'i':
100 iflag = atoi(optarg); 100 iflag = (int)strtoul(optarg, &endp, 10);
101 if (iflag < 0 || *endp != '\0')
102 errx(1, "interval cannot be negative");
101 break; 103 break;
102 case 'k': 104 case 'k':
103 kflag = 1; 105 kflag = 1;
@@ -126,8 +128,10 @@ main(argc, argv)
126 case 'v': 128 case 'v':
127 vflag = 1; 129 vflag = 1;
128 break; 130 break;
129 case 'w': 131 case 'w':
130 timeout = atoi(optarg); 132 timeout = (int)strtoul(optarg, &endp, 10);
133 if (timeout < 0 || *endp != '\0')
134 errx(1, "timeout cannot be negative");
131 break; 135 break;
132 case 'z': 136 case 'z':
133 zflag = 1; 137 zflag = 1;
@@ -476,7 +480,7 @@ void
476build_ports(p) 480build_ports(p)
477 char *p; 481 char *p;
478{ 482{
479 char *n; 483 char *n, *endp;
480 int hi, lo, cp; 484 int hi, lo, cp;
481 int x = 0; 485 int x = 0;
482 486
@@ -488,8 +492,12 @@ build_ports(p)
488 n++; 492 n++;
489 493
490 /* Make sure the ports are in order: lowest->highest */ 494 /* Make sure the ports are in order: lowest->highest */
491 hi = atoi(n); 495 hi = (int)strtoul(n, &endp, 10);
492 lo = atoi(p); 496 if (hi <= 0 || hi > 65535 || *endp != '\0')
497 errx(1, "port range not valid");
498 lo = (int)strtoul(p, &endp, 10);
499 if (lo <= 0 || lo > 65535 || *endp != '\0')
500 errx(1, "port range not valid");
493 501
494 if (lo > hi) { 502 if (lo > hi) {
495 cp = hi; 503 cp = hi;
@@ -517,6 +525,9 @@ build_ports(p)
517 } 525 }
518 } 526 }
519 } else { 527 } else {
528 hi = (int)strtoul(p, &endp, 10);
529 if (hi <= 0 || hi > 65535 || *endp != '\0')
530 errx(1, "port range not valid");
520 portlist[0] = malloc(sizeof(65535)); 531 portlist[0] = malloc(sizeof(65535));
521 portlist[0] = p; 532 portlist[0] = p;
522 } 533 }
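Review bot: The port checks in build_ports() (`hi <= 0 || hi > 65535`, and the same for `lo`) and the sign checks for -i and -w in main() run after the `(int)` cast of the strtoul() result, so where unsigned long is wider than int an out-of-range input (constructed example: `4294967376`) narrows to 80 and passes. Keep the value wide until it is validated and reject an empty string as well: `l = strtol(p, &endp, 10);` then `if (endp == p || *endp != '\0' || l <= 0 || l > 65535) errx(1, "port range not valid");` then `hi = (int)l;`, with a new `long l` local. The same pattern fits `iflag` and `timeout`, where "cannot be negative" is currently also printed for trailing garbage and an empty argument is silently accepted as 0. In the single-port branch the validated `hi` is discarded and the original string `p` is stored in `portlist[0]`, so whatever converts that string later (outside these hunks) has to agree with this check. Both main() and build_ports() continue outside the visible hunks.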