13 files changed, 211 insertions, 102 deletions
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index ea416366ee..66d82025fb 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: apps.c,v 1.59 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: apps.c,v 1.60 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -117,6 +117,7 @@
 #include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <strings.h>
 #include <unistd.h>
@@ -469,6 +470,7 @@ app_get_pass(BIO *err, char *arg, int keepbio)
 {
        char *tmp, tpass[APP_PASS_LEN];
        static BIO *pwdbio = NULL;
+        const char *errstr = NULL;
        int i;
        if (!strncmp(arg, "pass:", 5))
@@ -492,10 +494,15 @@ app_get_pass(BIO *err, char *arg, int keepbio)
                        }
                } else if (!strncmp(arg, "fd:", 3)) {
                        BIO *btmp;
-                        i = atoi(arg + 3);
+                        i = strtonum(arg + 3, 1, INT_MAX, &errstr);
-                        if (i >= 0)
+                        if (errstr) {
-                                pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
+                                BIO_printf(err,
-                        if ((i < 0) || !pwdbio) {
+                                    "Invalid file descriptor %s: %s\n",
+                                    arg, errstr);
+                                return NULL;
+                        }
+                        pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
+                        if (!pwdbio) {
                                BIO_printf(err,
                                    "Can't access file descriptor %s\n",
                                    arg + 3);
@@ -1969,6 +1976,7 @@ args_verify(char ***pargs, int *pargc, int *badarg, BIO *err,
        char **oldargs = *pargs;
        char *arg = **pargs, *argn = (*pargs)[1];
        time_t at_time = 0;
+        const char *errstr = NULL;
        if (!strcmp(arg, "-policy")) {
                if (!argn)
@@ -2001,9 +2009,10 @@ args_verify(char ***pargs, int *pargc, int *badarg, BIO *err,
                if (!argn)
                        *badarg = 1;
                else {
-                        depth = atoi(argn);
+                        depth = strtonum(argn, 1, INT_MAX, &errstr);
-                        if (depth < 0) {
+                        if (errstr) {
-                                BIO_printf(err, "invalid depth\n");
+                                BIO_printf(err, "invalid depth %s: %s\n",
+                                    argn, errstr);
                                *badarg = 1;
                        }
                }
diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c
index dc8a66338d..e805e3428d 100644
--- a/src/lib/libssl/src/apps/asn1pars.c
+++ b/src/lib/libssl/src/apps/asn1pars.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1pars.c,v 1.24 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: asn1pars.c,v 1.25 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -62,6 +62,7 @@
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include "apps.h"
@@ -93,6 +94,7 @@ asn1parse_main(int argc, char **argv)
        int informat, indent = 0, noout = 0, dump = 0;
        char *infile = NULL, *str = NULL, *prog, *oidfile = NULL, *derfile = NULL;
        char *genstr = NULL, *genconf = NULL;
+        const char *errstr = NULL;
        unsigned char *tmpbuf;
        const unsigned char *ctmpbuf;
        BUF_MEM *buf = NULL;
@@ -135,20 +137,22 @@ asn1parse_main(int argc, char **argv)
                } else if (strcmp(*argv, "-offset") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        offset = atoi(*(++argv));
+                        offset = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (strcmp(*argv, "-length") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        length = atoi(*(++argv));
+                        length = strtonum(*(++argv), 1, UINT_MAX, &errstr);
-                        if (length == 0)
+                        if (errstr)
                                goto bad;
                } else if (strcmp(*argv, "-dump") == 0) {
                        dump = -1;
                } else if (strcmp(*argv, "-dlimit") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        dump = atoi(*(++argv));
+                        dump = strtonum(*(++argv), 1, INT_MAX, &errstr);
-                        if (dump <= 0)
+                        if (errstr)
                                goto bad;
                } else if (strcmp(*argv, "-strparse") == 0) {
                        if (--argc < 1)
@@ -269,11 +273,12 @@ bad:
                for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
                        ASN1_TYPE *atmp;
                        int typ;
-                        j = atoi(sk_OPENSSL_STRING_value(osk, i));
+                        j = strtonum(sk_OPENSSL_STRING_value(osk, i),
-                        if (j == 0) {
+                            1, INT_MAX, &errstr);
+                        if (errstr) {
                                BIO_printf(bio_err,
-                                    "'%s' is an invalid number\n",
+                                    "'%s' is an invalid number: %s\n",
-                                    sk_OPENSSL_STRING_value(osk, i));
+                                    sk_OPENSSL_STRING_value(osk, i), errstr);
                                continue;
                        }
                        tmpbuf += j;
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 7de32c5daf..2192d91876 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.59 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: ca.c,v 1.60 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -63,6 +63,7 @@
 #include <ctype.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <unistd.h>
@@ -296,6 +297,7 @@ ca_main(int argc, char **argv)
        char *engine = NULL;
 #endif
        char *tofree = NULL;
+        const char *errstr = NULL;
        DB_ATTR db_attr;
        conf = NULL;
@@ -340,7 +342,9 @@ ca_main(int argc, char **argv)
                } else if (strcmp(*argv, "-days") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        days = atoi(*(++argv));
+                        days = strtonum(*(++argv), 0, LONG_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (strcmp(*argv, "-md") == 0) {
                        if (--argc < 1)
                                goto bad;
@@ -407,15 +411,21 @@ ca_main(int argc, char **argv)
                else if (strcmp(*argv, "-crldays") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        crldays = atol(*(++argv));
+                        crldays = strtonum(*(++argv), 0, LONG_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (strcmp(*argv, "-crlhours") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        crlhours = atol(*(++argv));
+                        crlhours = strtonum(*(++argv), 0, LONG_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (strcmp(*argv, "-crlsec") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        crlsec = atol(*(++argv));
+                        crlsec = strtonum(*(++argv), 0, LONG_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (strcmp(*argv, "-infiles") == 0) {
                        argc--;
                        argv++;
@@ -484,7 +494,11 @@ ca_main(int argc, char **argv)
 #endif
                else {
 bad:
-                        BIO_printf(bio_err, "unknown option %s\n", *argv);
+                        if (errstr)
+                                BIO_printf(bio_err, "invalid argument %s: %s\n",
+                                    *argv, errstr);
+                        else
+                                BIO_printf(bio_err, "unknown option %s\n", *argv);
                        badops = 1;
                        break;
                }
diff --git a/src/lib/libssl/src/apps/dsaparam.c b/src/lib/libssl/src/apps/dsaparam.c
index da8be8fa1e..8d26137e7e 100644
--- a/src/lib/libssl/src/apps/dsaparam.c
+++ b/src/lib/libssl/src/apps/dsaparam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsaparam.c,v 1.29 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: dsaparam.c,v 1.30 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -123,6 +123,7 @@ dsaparam_main(int argc, char **argv)
        char *engine = NULL;
 #endif
 #ifdef GENCB_TEST
+        const char *errstr = NULL;
        int timebomb = 0;
 #endif
@@ -166,7 +167,9 @@ dsaparam_main(int argc, char **argv)
                else if (strcmp(*argv, "-timebomb") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        timebomb = atoi(*(++argv));
+                        timebomb = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                }
 #endif
                else if (strcmp(*argv, "-text") == 0)
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c
index aea7892349..c77b05f27d 100644
--- a/src/lib/libssl/src/apps/ocsp.c
+++ b/src/lib/libssl/src/apps/ocsp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp.c,v 1.26 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: ocsp.c,v 1.27 2014/06/28 04:39:41 deraadt Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <time.h>
@@ -144,6 +145,7 @@ ocsp_main(int argc, char **argv)
        CA_DB *rdb = NULL;
        int nmin = 0, ndays = -1;
        const EVP_MD *cert_id_md = NULL;
+        const char *errstr = NULL;
        if (!load_config(bio_err, NULL))
                goto end;
@@ -164,11 +166,12 @@ ocsp_main(int argc, char **argv)
                } else if (!strcmp(*args, "-timeout")) {
                        if (args[1]) {
                                args++;
-                                req_timeout = atol(*args);
+                                req_timeout = strtonum(*args, 0,
-                                if (req_timeout < 0) {
+                                    INT_MAX, &errstr);
+                                if (errstr) {
                                        BIO_printf(bio_err,
-                                            "Illegal timeout value %s\n",
+                                            "Illegal timeout value %s: %s\n",
-                                            *args);
+                                            *args, errstr);
                                        badarg = 1;
                                }
                        } else
@@ -288,11 +291,11 @@ ocsp_main(int argc, char **argv)
                } else if (!strcmp(*args, "-validity_period")) {
                        if (args[1]) {
                                args++;
-                                nsec = atol(*args);
+                                nsec = strtonum(*args, 0, LONG_MAX, &errstr);
-                                if (nsec < 0) {
+                                if (errstr) {
                                        BIO_printf(bio_err,
-                                            "Illegal validity period %s\n",
+                                            "Illegal validity period %s: %s\n",
-                                            *args);
+                                            *args, errstr);
                                        badarg = 1;
                                }
                        } else
@@ -300,11 +303,11 @@ ocsp_main(int argc, char **argv)
                } else if (!strcmp(*args, "-status_age")) {
                        if (args[1]) {
                                args++;
-                                maxage = atol(*args);
+                                maxage = strtonum(*args, 0, LONG_MAX, &errstr);
-                                if (maxage < 0) {
+                                if (errstr) {
                                        BIO_printf(bio_err,
-                                            "Illegal validity age %s\n",
+                                            "Illegal validity age %s: %s\n",
-                                            *args);
+                                            *args, errstr);
                                        badarg = 1;
                                }
                        } else
@@ -385,11 +388,11 @@ ocsp_main(int argc, char **argv)
                } else if (!strcmp(*args, "-nmin")) {
                        if (args[1]) {
                                args++;
-                                nmin = atol(*args);
+                                nmin = strtonum(*args, 0, INT_MAX, &errstr);
-                                if (nmin < 0) {
+                                if (errstr) {
                                        BIO_printf(bio_err,
-                                            "Illegal update period %s\n",
+                                            "Illegal update period %s: %s\n",
-                                            *args);
+                                            *args, errstr);
                                        badarg = 1;
                                }
                        }
@@ -400,11 +403,11 @@ ocsp_main(int argc, char **argv)
                } else if (!strcmp(*args, "-nrequest")) {
                        if (args[1]) {
                                args++;
-                                accept_count = atol(*args);
+                                accept_count = strtonum(*args, 0, INT_MAX, &errstr);
-                                if (accept_count < 0) {
+                                if (errstr) {
                                        BIO_printf(bio_err,
-                                            "Illegal accept count %s\n",
+                                            "Illegal accept count %s: %s\n",
-                                            *args);
+                                            *args, errstr);
                                        badarg = 1;
                                }
                        } else
@@ -412,11 +415,11 @@ ocsp_main(int argc, char **argv)
                } else if (!strcmp(*args, "-ndays")) {
                        if (args[1]) {
                                args++;
-                                ndays = atol(*args);
+                                ndays = strtonum(*args, 0, INT_MAX, &errstr);
-                                if (ndays < 0) {
+                                if (errstr) {
                                        BIO_printf(bio_err,
-                                            "Illegal update period %s\n",
+                                            "Illegal update period %s: %s\n",
-                                            *args);
+                                            *args, errstr);
                                        badarg = 1;
                                }
                        } else
diff --git a/src/lib/libssl/src/apps/prime.c b/src/lib/libssl/src/apps/prime.c
index fca43a2a99..9918db06c7 100644
--- a/src/lib/libssl/src/apps/prime.c
+++ b/src/lib/libssl/src/apps/prime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: prime.c,v 1.10 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: prime.c,v 1.11 2014/06/28 04:39:41 deraadt Exp $ */
 /* ====================================================================
 * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
 *
@@ -49,6 +49,7 @@
 */
 #include <string.h>
+#include <limits.h>
 #include "apps.h"
@@ -65,6 +66,7 @@ prime_main(int argc, char **argv)
        int bits = 0;
        int safe = 0;
        BIGNUM *bn = NULL;
+        const char *errstr = NULL;
        BIO *bio_out;
        --argc;
@@ -74,19 +76,23 @@ prime_main(int argc, char **argv)
                        hex = 1;
                else if (!strcmp(*argv, "-generate"))
                        generate = 1;
-                else if (!strcmp(*argv, "-bits"))
+                else if (!strcmp(*argv, "-bits")) {
                        if (--argc < 1)
                                goto bad;
                        else
-                                bits = atoi(*++argv);
+                                bits = strtonum(*(++argv), 0, INT_MAX, &errstr);
-                else if (!strcmp(*argv, "-safe"))
+                        if (errstr)
+                                goto bad;
+                } else if (!strcmp(*argv, "-safe"))
                        safe = 1;
-                else if (!strcmp(*argv, "-checks"))
+                else if (!strcmp(*argv, "-checks")) {
                        if (--argc < 1)
                                goto bad;
                        else
-                                checks = atoi(*++argv);
+                                checks = strtonum(*(++argv), 0, INT_MAX, &errstr);
-                else {
+                        if (errstr)
+                                goto bad;
+                } else {
                        BIO_printf(bio_err, "Unknown option '%s'\n", *argv);
                        goto bad;
                }
@@ -130,8 +136,12 @@ prime_main(int argc, char **argv)
        return 0;
 bad:
-        BIO_printf(bio_err, "options are\n");
+        if (errstr)
-        BIO_printf(bio_err, "%-14s hex\n", "-hex");
+                BIO_printf(bio_err, "invalid argument %s: %s\n", *argv, errstr);
-        BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
+        else {
+                BIO_printf(bio_err, "options are\n");
+                BIO_printf(bio_err, "%-14s hex\n", "-hex");
+                BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
+        }
        return 1;
 }
diff --git a/src/lib/libssl/src/apps/req.c b/src/lib/libssl/src/apps/req.c
index c3ac0a6b9e..dcb7ab4a4a 100644
--- a/src/lib/libssl/src/apps/req.c
+++ b/src/lib/libssl/src/apps/req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: req.c,v 1.43 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: req.c,v 1.44 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -64,6 +64,7 @@
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <time.h>
@@ -322,11 +323,16 @@ req_main(int argc, char **argv)
                } else if (strcmp(*argv, "-multivalue-rdn") == 0)
                        multirdn = 1;
                else if (strcmp(*argv, "-days") == 0) {
+                        const char *errstr;
                        if (--argc < 1)
                                goto bad;
-                        days = atoi(*(++argv));
+                        days = strtonum(*(++argv), 1, INT_MAX, &errstr);
-                        if (days == 0)
+                        if (errstr) {
+                                BIO_printf(bio_err, "bad -days %s, using 0: %s\n",
+                                    *argv, errstr);
                                days = 30;
+                        }
                } else if (strcmp(*argv, "-set_serial") == 0) {
                        if (--argc < 1)
                                goto bad;
@@ -1383,13 +1389,18 @@ set_keygen_ctx(BIO * err, const char *gstr, int *pkey_type,
        long keylen = -1;
        BIO *pbio = NULL;
        const char *paramfile = NULL;
+        const char *errstr;
        if (gstr == NULL) {
                *pkey_type = EVP_PKEY_RSA;
                keylen = *pkeylen;
        } else if (gstr[0] >= '0' && gstr[0] <= '9') {
                *pkey_type = EVP_PKEY_RSA;
-                keylen = atol(gstr);
+                keylen = strtonum(gstr, 0, LONG_MAX, &errstr);
+                if (errstr) {
+                        BIO_printf(err, "bad algorithm %s: %s\n", gstr, errstr);
+                        return NULL;
+                } 
                *pkeylen = keylen;
        } else if (!strncmp(gstr, "param:", 6))
                paramfile = gstr + 6;
@@ -1422,7 +1433,12 @@ set_keygen_ctx(BIO * err, const char *gstr, int *pkey_type,
 #endif
                if (*pkey_type == EVP_PKEY_RSA) {
                        if (p) {
-                                keylen = atol(p + 1);
+                                keylen = strtonum(p + 1, 0, LONG_MAX, &errstr);
+                                if (errstr) {
+                                        BIO_printf(err, "bad algorithm %s: %s\n",
+                                            p + 1, errstr);
+                                        return NULL;                                    
+                                }
                                *pkeylen = keylen;
                        } else
                                keylen = *pkeylen;
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index c453875c07..7c96443a11 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.61 2014/06/13 04:29:13 miod Exp $ */
+/* $OpenBSD: s_client.c,v 1.62 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -147,6 +147,7 @@
 #include <netdb.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <unistd.h>
@@ -438,6 +439,7 @@ s_client_main(int argc, char **argv)
        BIO *sbio;
        int mbuf_len = 0;
        struct timeval timeout, *timeoutp;
+        const char *errstr = NULL;
 #ifndef OPENSSL_NO_ENGINE
        char *engine_id = NULL;
        char *ssl_client_engine_id = NULL;
@@ -503,7 +505,9 @@ s_client_main(int argc, char **argv)
                        verify = SSL_VERIFY_PEER;
                        if (--argc < 1)
                                goto bad;
-                        verify_depth = atoi(*(++argv));
+                        verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;                       
                        BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
                } else if (strcmp(*argv, "-cert") == 0) {
                        if (--argc < 1)
@@ -592,7 +596,9 @@ s_client_main(int argc, char **argv)
                else if (strcmp(*argv, "-mtu") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        socket_mtu = atol(*(++argv));
+                        socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                }
 #endif
                else if (strcmp(*argv, "-bugs") == 0)
@@ -715,10 +721,12 @@ s_client_main(int argc, char **argv)
                                goto bad;
                        keymatexportlabel = *(++argv);
                } else if (strcmp(*argv, "-keymatexportlen") == 0) {
+                        const char *errstr;
                        if (--argc < 1)
                                goto bad;
-                        keymatexportlen = atoi(*(++argv));
+                        keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr);
-                        if (keymatexportlen == 0)
+                        if (errstr)
                                goto bad;
                } else {
                        BIO_printf(bio_err, "unknown option %s\n", *argv);
@@ -730,7 +738,11 @@ s_client_main(int argc, char **argv)
        }
        if (badop) {
 bad:
-                sc_usage();
+                if (errstr)
+                        BIO_printf(bio_err, "invalid argument %s: %s\n",
+                            *argv, errstr);
+                else
+                        sc_usage();
                goto end;
        }
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index e73b249ca3..61eb667c38 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.53 2014/06/13 04:29:13 miod Exp $ */
+/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -154,6 +154,7 @@
 #include <ctype.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <unistd.h>
@@ -702,6 +703,7 @@ s_server_main(int argc, char *argv[])
        X509 *s_cert = NULL, *s_dcert = NULL;
        EVP_PKEY *s_key = NULL, *s_dkey = NULL;
        int no_cache = 0;
+        const char *errstr = NULL;
 #ifndef OPENSSL_NO_TLSEXT
        EVP_PKEY *s_key2 = NULL;
        X509 *s_cert2 = NULL;
@@ -743,14 +745,18 @@ s_server_main(int argc, char *argv[])
                        s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
                        if (--argc < 1)
                                goto bad;
-                        verify_depth = atoi(*(++argv));
+                        verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                        BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
                } else if (strcmp(*argv, "-Verify") == 0) {
                        s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
                            SSL_VERIFY_CLIENT_ONCE;
                        if (--argc < 1)
                                goto bad;
-                        verify_depth = atoi(*(++argv));
+                        verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                        BIO_printf(bio_err, "verify depth is %d, must return a certificate\n", verify_depth);
                } else if (strcmp(*argv, "-context") == 0) {
                        if (--argc < 1)
@@ -856,7 +862,9 @@ s_server_main(int argc, char *argv[])
                        s_tlsextstatus = 1;
                        if (--argc < 1)
                                goto bad;
-                        tlscstatp.timeout = atoi(*(++argv));
+                        tlscstatp.timeout = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (!strcmp(*argv, "-status_url")) {
                        s_tlsextstatus = 1;
                        if (--argc < 1)
@@ -951,7 +959,9 @@ s_server_main(int argc, char *argv[])
                else if (strcmp(*argv, "-mtu") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        socket_mtu = atol(*(++argv));
+                        socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else if (strcmp(*argv, "-chain") == 0)
                        cert_chain = 1;
 #endif
@@ -1005,8 +1015,8 @@ s_server_main(int argc, char *argv[])
                } else if (strcmp(*argv, "-keymatexportlen") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        keymatexportlen = atoi(*(++argv));
+                        keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr);
-                        if (keymatexportlen == 0)
+                        if (errstr)
                                goto bad;
                } else {
                        BIO_printf(bio_err, "unknown option %s\n", *argv);
@@ -1018,7 +1028,11 @@ s_server_main(int argc, char *argv[])
        }
        if (badop) {
 bad:
-                sv_usage();
+                if (errstr)
+                        BIO_printf(bio_err, "invalid argument %s: %s\n",
+                            *argv, errstr);
+                else
+                        sv_usage();
                goto end;
        }
diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c
index d5757af66e..c5f3a28519 100644
--- a/src/lib/libssl/src/apps/s_socket.c
+++ b/src/lib/libssl/src/apps/s_socket.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_socket.c,v 1.41 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_socket.c,v 1.42 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -333,12 +333,13 @@ int
 extract_port(char *str, short *port_ptr)
 {
        int i;
+        const char *errstr;
        struct servent *s;
-        i = atoi(str);
+        i = strtonum(str, 1, 65535, &errstr);
-        if (i != 0)
+        if (!errstr) {
                *port_ptr = (unsigned short) i;
-        else {
+        } else {
                s = getservbyname(str, "tcp");
                if (s == NULL) {
                        BIO_printf(bio_err, "getservbyname failure for %s\n", str);
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c
index 2f6f3cc192..14d2e12dcd 100644
--- a/src/lib/libssl/src/apps/s_time.c
+++ b/src/lib/libssl/src/apps/s_time.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_time.c,v 1.31 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_time.c,v 1.32 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -67,6 +67,7 @@
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <unistd.h>
@@ -181,6 +182,7 @@ static int
 parseArgs(int argc, char **argv)
 {
        int badop = 0;
+        const char *errstr;
        verify_depth = 0;
        verify_error = X509_V_OK;
@@ -210,11 +212,14 @@ parseArgs(int argc, char **argv)
                else if (strcmp(*argv, "-new") == 0)
                        perform = 1;
                else if (strcmp(*argv, "-verify") == 0) {
+                        const char *errstr;
                        tm_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
                        if (--argc < 1)
                                goto bad;
-                        verify_depth = atoi(*(++argv));
+                        verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                        BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
                } else if (strcmp(*argv, "-cert") == 0) {
@@ -266,7 +271,9 @@ parseArgs(int argc, char **argv)
                        if (--argc < 1)
                                goto bad;
-                        maxTime = atoi(*(++argv));
+                        maxTime = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr)
+                                goto bad;
                } else {
                        BIO_printf(bio_err, "unknown option %s\n", *argv);
                        badop = 1;
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c
index 7b4bce1c99..1d320db010 100644
--- a/src/lib/libssl/src/apps/speed.c
+++ b/src/lib/libssl/src/apps/speed.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: speed.c,v 1.48 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: speed.c,v 1.49 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -86,6 +86,7 @@
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <unistd.h>
@@ -516,6 +517,7 @@ speed_main(int argc, char **argv)
        const EVP_MD *evp_md = NULL;
        int decrypt = 0;
        int multi = 0;
+        const char *errstr = NULL;
 #ifndef TIMES
        usertime = -1;
@@ -627,9 +629,9 @@ speed_main(int argc, char **argv)
                                BIO_printf(bio_err, "no multi count given\n");
                                goto end;
                        }
-                        multi = atoi(argv[0]);
+                        multi = strtonum(argv[0], 1, INT_MAX, &errstr);
-                        if (multi <= 0) {
+                        if (errstr) {
-                                BIO_printf(bio_err, "bad multi count\n");
+                                BIO_printf(bio_err, "bad multi count: %s", errstr);
                                goto end;
                        }
                        j--;    /* Otherwise, -mr gets confused with an
@@ -2105,6 +2107,7 @@ do_multi(int multi)
        int fd[2];
        int *fds;
        static char sep[] = ":";
+        const char *errstr = NULL;
        fds = reallocarray(NULL, multi, sizeof *fds);
        for (n = 0; n < multi; ++n) {
@@ -2155,7 +2158,8 @@ do_multi(int multi)
                                int j;
                                p = buf + 3;
-                                alg = atoi(sstrsep(&p, sep));
+                                alg = strtonum(sstrsep(&p, sep),
+                                    0, ALGOR_NUM - 1, &errstr);
                                sstrsep(&p, sep);
                                for (j = 0; j < SIZE_NUM; ++j)
                                        results[alg][j] += atof(sstrsep(&p, sep));
@@ -2164,7 +2168,8 @@ do_multi(int multi)
                                double d;
                                p = buf + 4;
-                                k = atoi(sstrsep(&p, sep));
+                                k = strtonum(sstrsep(&p, sep),
+                                    0, ALGOR_NUM - 1, &errstr);
                                sstrsep(&p, sep);
                                d = atof(sstrsep(&p, sep));
@@ -2183,7 +2188,8 @@ do_multi(int multi)
                                double d;
                                p = buf + 4;
-                                k = atoi(sstrsep(&p, sep));
+                                k = strtonum(sstrsep(&p, sep),
+                                    0, ALGOR_NUM - 1, &errstr);
                                sstrsep(&p, sep);
                                d = atof(sstrsep(&p, sep));
@@ -2204,7 +2210,8 @@ do_multi(int multi)
                                double d;
                                p = buf + 4;
-                                k = atoi(sstrsep(&p, sep));
+                                k = strtonum(sstrsep(&p, sep),
+                                    0, ALGOR_NUM - 1, &errstr);
                                sstrsep(&p, sep);
                                d = atof(sstrsep(&p, sep));
@@ -2226,7 +2233,8 @@ do_multi(int multi)
                                double d;
                                p = buf + 4;
-                                k = atoi(sstrsep(&p, sep));
+                                k = strtonum(sstrsep(&p, sep),
+                                    0, ALGOR_NUM - 1, &errstr);
                                sstrsep(&p, sep);
                                d = atof(sstrsep(&p, sep));
@@ -2249,7 +2257,8 @@ do_multi(int multi)
                                double d;
                                p = buf + 4;
-                                k = atoi(sstrsep(&p, sep));
+                                k = strtonum(sstrsep(&p, sep),
+                                    0, ALGOR_NUM - 1, &errstr);
                                sstrsep(&p, sep);
                                d = atof(sstrsep(&p, sep));
diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c
index b8570d30c9..4f86a1bb53 100644
--- a/src/lib/libssl/src/apps/x509.c
+++ b/src/lib/libssl/src/apps/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.45 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: x509.c,v 1.46 2014/06/28 04:39:41 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -59,6 +59,7 @@
 #include <assert.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include "apps.h"
@@ -208,6 +209,7 @@ x509_main(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
        char *engine = NULL;
 #endif
+        const char *errstr = NULL;
        reqfile = 0;
@@ -263,9 +265,9 @@ x509_main(int argc, char **argv)
                } else if (strcmp(*argv, "-days") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        days = atoi(*(++argv));
+                        days = strtonum(*(++argv), 1, INT_MAX, &errstr);
-                        if (days == 0) {
+                        if (errstr) {
-                                BIO_printf(bio_err, "bad number of days\n");
+                                BIO_printf(bio_err, "bad number of days: %s\n", errstr);
                                goto bad;
                        }
                } else if (strcmp(*argv, "-passin") == 0) {
@@ -407,7 +409,11 @@ x509_main(int argc, char **argv)
                else if (strcmp(*argv, "-checkend") == 0) {
                        if (--argc < 1)
                                goto bad;
-                        checkoffset = atoi(*(++argv));
+                        checkoffset = strtonum(*(++argv), 0, INT_MAX, &errstr);
+                        if (errstr) {
+                                BIO_printf(bio_err, "checkend unusable: %s\n", errstr);
+                                goto bad;
+                        }
                        checkend = 1;
                } else if (strcmp(*argv, "-noout") == 0)
                        noout = ++num;