From 1e94c781aba61051bf4622c65daecc191f428832 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Sat, 28 Jun 2014 04:39:41 +0000 Subject: Use strtonum() instead of atoi(), and then impose what are we think are the current range checks. Help from millert and lteo. Please test now that it is deployed and let us know if any numbers are off.. ok lteo --- src/lib/libssl/src/apps/apps.c | 25 ++++++++++++------ src/lib/libssl/src/apps/asn1pars.c | 25 +++++++++++------- src/lib/libssl/src/apps/ca.c | 26 ++++++++++++++----- src/lib/libssl/src/apps/dsaparam.c | 7 +++-- src/lib/libssl/src/apps/ocsp.c | 53 ++++++++++++++++++++------------------ src/lib/libssl/src/apps/prime.c | 30 ++++++++++++++------- src/lib/libssl/src/apps/req.c | 26 +++++++++++++++---- src/lib/libssl/src/apps/s_client.c | 24 ++++++++++++----- src/lib/libssl/src/apps/s_server.c | 30 +++++++++++++++------ src/lib/libssl/src/apps/s_socket.c | 9 ++++--- src/lib/libssl/src/apps/s_time.c | 13 +++++++--- src/lib/libssl/src/apps/speed.c | 29 ++++++++++++++------- src/lib/libssl/src/apps/x509.c | 16 ++++++++---- 13 files changed, 211 insertions(+), 102 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c index ea416366ee..66d82025fb 100644 --- a/src/lib/libssl/src/apps/apps.c +++ b/src/lib/libssl/src/apps/apps.c @@ -1,4 +1,4 @@ -/* $OpenBSD: apps.c,v 1.59 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: apps.c,v 1.60 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -117,6 +117,7 @@ #include #include #include +#include #include #include #include @@ -469,6 +470,7 @@ app_get_pass(BIO *err, char *arg, int keepbio) { char *tmp, tpass[APP_PASS_LEN]; static BIO *pwdbio = NULL; + const char *errstr = NULL; int i; if (!strncmp(arg, "pass:", 5)) @@ -492,10 +494,15 @@ app_get_pass(BIO *err, char *arg, int keepbio) } } else if (!strncmp(arg, "fd:", 3)) { BIO *btmp; - i = atoi(arg + 3); - if (i >= 0) - pwdbio = BIO_new_fd(i, BIO_NOCLOSE); - if ((i < 0) || !pwdbio) { + i = strtonum(arg + 3, 1, INT_MAX, &errstr); + if (errstr) { + BIO_printf(err, + "Invalid file descriptor %s: %s\n", + arg, errstr); + return NULL; + } + pwdbio = BIO_new_fd(i, BIO_NOCLOSE); + if (!pwdbio) { BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); @@ -1969,6 +1976,7 @@ args_verify(char ***pargs, int *pargc, int *badarg, BIO *err, char **oldargs = *pargs; char *arg = **pargs, *argn = (*pargs)[1]; time_t at_time = 0; + const char *errstr = NULL; if (!strcmp(arg, "-policy")) { if (!argn) @@ -2001,9 +2009,10 @@ args_verify(char ***pargs, int *pargc, int *badarg, BIO *err, if (!argn) *badarg = 1; else { - depth = atoi(argn); - if (depth < 0) { - BIO_printf(err, "invalid depth\n"); + depth = strtonum(argn, 1, INT_MAX, &errstr); + if (errstr) { + BIO_printf(err, "invalid depth %s: %s\n", + argn, errstr); *badarg = 1; } } diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c index dc8a66338d..e805e3428d 100644 --- a/src/lib/libssl/src/apps/asn1pars.c +++ b/src/lib/libssl/src/apps/asn1pars.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1pars.c,v 1.24 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: asn1pars.c,v 1.25 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -62,6 +62,7 @@ #include #include +#include #include #include "apps.h" @@ -93,6 +94,7 @@ asn1parse_main(int argc, char **argv) int informat, indent = 0, noout = 0, dump = 0; char *infile = NULL, *str = NULL, *prog, *oidfile = NULL, *derfile = NULL; char *genstr = NULL, *genconf = NULL; + const char *errstr = NULL; unsigned char *tmpbuf; const unsigned char *ctmpbuf; BUF_MEM *buf = NULL; @@ -135,20 +137,22 @@ asn1parse_main(int argc, char **argv) } else if (strcmp(*argv, "-offset") == 0) { if (--argc < 1) goto bad; - offset = atoi(*(++argv)); + offset = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; } else if (strcmp(*argv, "-length") == 0) { if (--argc < 1) goto bad; - length = atoi(*(++argv)); - if (length == 0) + length = strtonum(*(++argv), 1, UINT_MAX, &errstr); + if (errstr) goto bad; } else if (strcmp(*argv, "-dump") == 0) { dump = -1; } else if (strcmp(*argv, "-dlimit") == 0) { if (--argc < 1) goto bad; - dump = atoi(*(++argv)); - if (dump <= 0) + dump = strtonum(*(++argv), 1, INT_MAX, &errstr); + if (errstr) goto bad; } else if (strcmp(*argv, "-strparse") == 0) { if (--argc < 1) @@ -269,11 +273,12 @@ bad: for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) { ASN1_TYPE *atmp; int typ; - j = atoi(sk_OPENSSL_STRING_value(osk, i)); - if (j == 0) { + j = strtonum(sk_OPENSSL_STRING_value(osk, i), + 1, INT_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "'%s' is an invalid number\n", - sk_OPENSSL_STRING_value(osk, i)); + "'%s' is an invalid number: %s\n", + sk_OPENSSL_STRING_value(osk, i), errstr); continue; } tmpbuf += j; diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c index 7de32c5daf..2192d91876 100644 --- a/src/lib/libssl/src/apps/ca.c +++ b/src/lib/libssl/src/apps/ca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ca.c,v 1.59 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: ca.c,v 1.60 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -63,6 +63,7 @@ #include #include #include +#include #include #include @@ -296,6 +297,7 @@ ca_main(int argc, char **argv) char *engine = NULL; #endif char *tofree = NULL; + const char *errstr = NULL; DB_ATTR db_attr; conf = NULL; @@ -340,7 +342,9 @@ ca_main(int argc, char **argv) } else if (strcmp(*argv, "-days") == 0) { if (--argc < 1) goto bad; - days = atoi(*(++argv)); + days = strtonum(*(++argv), 0, LONG_MAX, &errstr); + if (errstr) + goto bad; } else if (strcmp(*argv, "-md") == 0) { if (--argc < 1) goto bad; @@ -407,15 +411,21 @@ ca_main(int argc, char **argv) else if (strcmp(*argv, "-crldays") == 0) { if (--argc < 1) goto bad; - crldays = atol(*(++argv)); + crldays = strtonum(*(++argv), 0, LONG_MAX, &errstr); + if (errstr) + goto bad; } else if (strcmp(*argv, "-crlhours") == 0) { if (--argc < 1) goto bad; - crlhours = atol(*(++argv)); + crlhours = strtonum(*(++argv), 0, LONG_MAX, &errstr); + if (errstr) + goto bad; } else if (strcmp(*argv, "-crlsec") == 0) { if (--argc < 1) goto bad; - crlsec = atol(*(++argv)); + crlsec = strtonum(*(++argv), 0, LONG_MAX, &errstr); + if (errstr) + goto bad; } else if (strcmp(*argv, "-infiles") == 0) { argc--; argv++; @@ -484,7 +494,11 @@ ca_main(int argc, char **argv) #endif else { bad: - BIO_printf(bio_err, "unknown option %s\n", *argv); + if (errstr) + BIO_printf(bio_err, "invalid argument %s: %s\n", + *argv, errstr); + else + BIO_printf(bio_err, "unknown option %s\n", *argv); badops = 1; break; } diff --git a/src/lib/libssl/src/apps/dsaparam.c b/src/lib/libssl/src/apps/dsaparam.c index da8be8fa1e..8d26137e7e 100644 --- a/src/lib/libssl/src/apps/dsaparam.c +++ b/src/lib/libssl/src/apps/dsaparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsaparam.c,v 1.29 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: dsaparam.c,v 1.30 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -123,6 +123,7 @@ dsaparam_main(int argc, char **argv) char *engine = NULL; #endif #ifdef GENCB_TEST + const char *errstr = NULL; int timebomb = 0; #endif @@ -166,7 +167,9 @@ dsaparam_main(int argc, char **argv) else if (strcmp(*argv, "-timebomb") == 0) { if (--argc < 1) goto bad; - timebomb = atoi(*(++argv)); + timebomb = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; } #endif else if (strcmp(*argv, "-text") == 0) diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c index aea7892349..c77b05f27d 100644 --- a/src/lib/libssl/src/apps/ocsp.c +++ b/src/lib/libssl/src/apps/ocsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp.c,v 1.26 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: ocsp.c,v 1.27 2014/06/28 04:39:41 deraadt Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -59,6 +59,7 @@ #include #include +#include #include #include @@ -144,6 +145,7 @@ ocsp_main(int argc, char **argv) CA_DB *rdb = NULL; int nmin = 0, ndays = -1; const EVP_MD *cert_id_md = NULL; + const char *errstr = NULL; if (!load_config(bio_err, NULL)) goto end; @@ -164,11 +166,12 @@ ocsp_main(int argc, char **argv) } else if (!strcmp(*args, "-timeout")) { if (args[1]) { args++; - req_timeout = atol(*args); - if (req_timeout < 0) { + req_timeout = strtonum(*args, 0, + INT_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "Illegal timeout value %s\n", - *args); + "Illegal timeout value %s: %s\n", + *args, errstr); badarg = 1; } } else @@ -288,11 +291,11 @@ ocsp_main(int argc, char **argv) } else if (!strcmp(*args, "-validity_period")) { if (args[1]) { args++; - nsec = atol(*args); - if (nsec < 0) { + nsec = strtonum(*args, 0, LONG_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "Illegal validity period %s\n", - *args); + "Illegal validity period %s: %s\n", + *args, errstr); badarg = 1; } } else @@ -300,11 +303,11 @@ ocsp_main(int argc, char **argv) } else if (!strcmp(*args, "-status_age")) { if (args[1]) { args++; - maxage = atol(*args); - if (maxage < 0) { + maxage = strtonum(*args, 0, LONG_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "Illegal validity age %s\n", - *args); + "Illegal validity age %s: %s\n", + *args, errstr); badarg = 1; } } else @@ -385,11 +388,11 @@ ocsp_main(int argc, char **argv) } else if (!strcmp(*args, "-nmin")) { if (args[1]) { args++; - nmin = atol(*args); - if (nmin < 0) { + nmin = strtonum(*args, 0, INT_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "Illegal update period %s\n", - *args); + "Illegal update period %s: %s\n", + *args, errstr); badarg = 1; } } @@ -400,11 +403,11 @@ ocsp_main(int argc, char **argv) } else if (!strcmp(*args, "-nrequest")) { if (args[1]) { args++; - accept_count = atol(*args); - if (accept_count < 0) { + accept_count = strtonum(*args, 0, INT_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "Illegal accept count %s\n", - *args); + "Illegal accept count %s: %s\n", + *args, errstr); badarg = 1; } } else @@ -412,11 +415,11 @@ ocsp_main(int argc, char **argv) } else if (!strcmp(*args, "-ndays")) { if (args[1]) { args++; - ndays = atol(*args); - if (ndays < 0) { + ndays = strtonum(*args, 0, INT_MAX, &errstr); + if (errstr) { BIO_printf(bio_err, - "Illegal update period %s\n", - *args); + "Illegal update period %s: %s\n", + *args, errstr); badarg = 1; } } else diff --git a/src/lib/libssl/src/apps/prime.c b/src/lib/libssl/src/apps/prime.c index fca43a2a99..9918db06c7 100644 --- a/src/lib/libssl/src/apps/prime.c +++ b/src/lib/libssl/src/apps/prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: prime.c,v 1.10 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: prime.c,v 1.11 2014/06/28 04:39:41 deraadt Exp $ */ /* ==================================================================== * Copyright (c) 2004 The OpenSSL Project. All rights reserved. * @@ -49,6 +49,7 @@ */ #include +#include #include "apps.h" @@ -65,6 +66,7 @@ prime_main(int argc, char **argv) int bits = 0; int safe = 0; BIGNUM *bn = NULL; + const char *errstr = NULL; BIO *bio_out; --argc; @@ -74,19 +76,23 @@ prime_main(int argc, char **argv) hex = 1; else if (!strcmp(*argv, "-generate")) generate = 1; - else if (!strcmp(*argv, "-bits")) + else if (!strcmp(*argv, "-bits")) { if (--argc < 1) goto bad; else - bits = atoi(*++argv); - else if (!strcmp(*argv, "-safe")) + bits = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; + } else if (!strcmp(*argv, "-safe")) safe = 1; - else if (!strcmp(*argv, "-checks")) + else if (!strcmp(*argv, "-checks")) { if (--argc < 1) goto bad; else - checks = atoi(*++argv); - else { + checks = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; + } else { BIO_printf(bio_err, "Unknown option '%s'\n", *argv); goto bad; } @@ -130,8 +136,12 @@ prime_main(int argc, char **argv) return 0; bad: - BIO_printf(bio_err, "options are\n"); - BIO_printf(bio_err, "%-14s hex\n", "-hex"); - BIO_printf(bio_err, "%-14s number of checks\n", "-checks "); + if (errstr) + BIO_printf(bio_err, "invalid argument %s: %s\n", *argv, errstr); + else { + BIO_printf(bio_err, "options are\n"); + BIO_printf(bio_err, "%-14s hex\n", "-hex"); + BIO_printf(bio_err, "%-14s number of checks\n", "-checks "); + } return 1; } diff --git a/src/lib/libssl/src/apps/req.c b/src/lib/libssl/src/apps/req.c index c3ac0a6b9e..dcb7ab4a4a 100644 --- a/src/lib/libssl/src/apps/req.c +++ b/src/lib/libssl/src/apps/req.c @@ -1,4 +1,4 @@ -/* $OpenBSD: req.c,v 1.43 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: req.c,v 1.44 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -64,6 +64,7 @@ #include #include +#include #include #include @@ -322,11 +323,16 @@ req_main(int argc, char **argv) } else if (strcmp(*argv, "-multivalue-rdn") == 0) multirdn = 1; else if (strcmp(*argv, "-days") == 0) { + const char *errstr; + if (--argc < 1) goto bad; - days = atoi(*(++argv)); - if (days == 0) + days = strtonum(*(++argv), 1, INT_MAX, &errstr); + if (errstr) { + BIO_printf(bio_err, "bad -days %s, using 0: %s\n", + *argv, errstr); days = 30; + } } else if (strcmp(*argv, "-set_serial") == 0) { if (--argc < 1) goto bad; @@ -1383,13 +1389,18 @@ set_keygen_ctx(BIO * err, const char *gstr, int *pkey_type, long keylen = -1; BIO *pbio = NULL; const char *paramfile = NULL; + const char *errstr; if (gstr == NULL) { *pkey_type = EVP_PKEY_RSA; keylen = *pkeylen; } else if (gstr[0] >= '0' && gstr[0] <= '9') { *pkey_type = EVP_PKEY_RSA; - keylen = atol(gstr); + keylen = strtonum(gstr, 0, LONG_MAX, &errstr); + if (errstr) { + BIO_printf(err, "bad algorithm %s: %s\n", gstr, errstr); + return NULL; + } *pkeylen = keylen; } else if (!strncmp(gstr, "param:", 6)) paramfile = gstr + 6; @@ -1422,7 +1433,12 @@ set_keygen_ctx(BIO * err, const char *gstr, int *pkey_type, #endif if (*pkey_type == EVP_PKEY_RSA) { if (p) { - keylen = atol(p + 1); + keylen = strtonum(p + 1, 0, LONG_MAX, &errstr); + if (errstr) { + BIO_printf(err, "bad algorithm %s: %s\n", + p + 1, errstr); + return NULL; + } *pkeylen = keylen; } else keylen = *pkeylen; diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index c453875c07..7c96443a11 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_client.c,v 1.61 2014/06/13 04:29:13 miod Exp $ */ +/* $OpenBSD: s_client.c,v 1.62 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -147,6 +147,7 @@ #include #include #include +#include #include #include @@ -438,6 +439,7 @@ s_client_main(int argc, char **argv) BIO *sbio; int mbuf_len = 0; struct timeval timeout, *timeoutp; + const char *errstr = NULL; #ifndef OPENSSL_NO_ENGINE char *engine_id = NULL; char *ssl_client_engine_id = NULL; @@ -503,7 +505,9 @@ s_client_main(int argc, char **argv) verify = SSL_VERIFY_PEER; if (--argc < 1) goto bad; - verify_depth = atoi(*(++argv)); + verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; BIO_printf(bio_err, "verify depth is %d\n", verify_depth); } else if (strcmp(*argv, "-cert") == 0) { if (--argc < 1) @@ -592,7 +596,9 @@ s_client_main(int argc, char **argv) else if (strcmp(*argv, "-mtu") == 0) { if (--argc < 1) goto bad; - socket_mtu = atol(*(++argv)); + socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr); + if (errstr) + goto bad; } #endif else if (strcmp(*argv, "-bugs") == 0) @@ -715,10 +721,12 @@ s_client_main(int argc, char **argv) goto bad; keymatexportlabel = *(++argv); } else if (strcmp(*argv, "-keymatexportlen") == 0) { + const char *errstr; + if (--argc < 1) goto bad; - keymatexportlen = atoi(*(++argv)); - if (keymatexportlen == 0) + keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr); + if (errstr) goto bad; } else { BIO_printf(bio_err, "unknown option %s\n", *argv); @@ -730,7 +738,11 @@ s_client_main(int argc, char **argv) } if (badop) { bad: - sc_usage(); + if (errstr) + BIO_printf(bio_err, "invalid argument %s: %s\n", + *argv, errstr); + else + sc_usage(); goto end; } diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c index e73b249ca3..61eb667c38 100644 --- a/src/lib/libssl/src/apps/s_server.c +++ b/src/lib/libssl/src/apps/s_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_server.c,v 1.53 2014/06/13 04:29:13 miod Exp $ */ +/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -154,6 +154,7 @@ #include #include #include +#include #include #include @@ -702,6 +703,7 @@ s_server_main(int argc, char *argv[]) X509 *s_cert = NULL, *s_dcert = NULL; EVP_PKEY *s_key = NULL, *s_dkey = NULL; int no_cache = 0; + const char *errstr = NULL; #ifndef OPENSSL_NO_TLSEXT EVP_PKEY *s_key2 = NULL; X509 *s_cert2 = NULL; @@ -743,14 +745,18 @@ s_server_main(int argc, char *argv[]) s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; if (--argc < 1) goto bad; - verify_depth = atoi(*(++argv)); + verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; BIO_printf(bio_err, "verify depth is %d\n", verify_depth); } else if (strcmp(*argv, "-Verify") == 0) { s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE; if (--argc < 1) goto bad; - verify_depth = atoi(*(++argv)); + verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; BIO_printf(bio_err, "verify depth is %d, must return a certificate\n", verify_depth); } else if (strcmp(*argv, "-context") == 0) { if (--argc < 1) @@ -856,7 +862,9 @@ s_server_main(int argc, char *argv[]) s_tlsextstatus = 1; if (--argc < 1) goto bad; - tlscstatp.timeout = atoi(*(++argv)); + tlscstatp.timeout = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; } else if (!strcmp(*argv, "-status_url")) { s_tlsextstatus = 1; if (--argc < 1) @@ -951,7 +959,9 @@ s_server_main(int argc, char *argv[]) else if (strcmp(*argv, "-mtu") == 0) { if (--argc < 1) goto bad; - socket_mtu = atol(*(++argv)); + socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr); + if (errstr) + goto bad; } else if (strcmp(*argv, "-chain") == 0) cert_chain = 1; #endif @@ -1005,8 +1015,8 @@ s_server_main(int argc, char *argv[]) } else if (strcmp(*argv, "-keymatexportlen") == 0) { if (--argc < 1) goto bad; - keymatexportlen = atoi(*(++argv)); - if (keymatexportlen == 0) + keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr); + if (errstr) goto bad; } else { BIO_printf(bio_err, "unknown option %s\n", *argv); @@ -1018,7 +1028,11 @@ s_server_main(int argc, char *argv[]) } if (badop) { bad: - sv_usage(); + if (errstr) + BIO_printf(bio_err, "invalid argument %s: %s\n", + *argv, errstr); + else + sv_usage(); goto end; } diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c index d5757af66e..c5f3a28519 100644 --- a/src/lib/libssl/src/apps/s_socket.c +++ b/src/lib/libssl/src/apps/s_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_socket.c,v 1.41 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: s_socket.c,v 1.42 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -333,12 +333,13 @@ int extract_port(char *str, short *port_ptr) { int i; + const char *errstr; struct servent *s; - i = atoi(str); - if (i != 0) + i = strtonum(str, 1, 65535, &errstr); + if (!errstr) { *port_ptr = (unsigned short) i; - else { + } else { s = getservbyname(str, "tcp"); if (s == NULL) { BIO_printf(bio_err, "getservbyname failure for %s\n", str); diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c index 2f6f3cc192..14d2e12dcd 100644 --- a/src/lib/libssl/src/apps/s_time.c +++ b/src/lib/libssl/src/apps/s_time.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_time.c,v 1.31 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: s_time.c,v 1.32 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -67,6 +67,7 @@ #include #include +#include #include #include @@ -181,6 +182,7 @@ static int parseArgs(int argc, char **argv) { int badop = 0; + const char *errstr; verify_depth = 0; verify_error = X509_V_OK; @@ -210,11 +212,14 @@ parseArgs(int argc, char **argv) else if (strcmp(*argv, "-new") == 0) perform = 1; else if (strcmp(*argv, "-verify") == 0) { + const char *errstr; tm_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; if (--argc < 1) goto bad; - verify_depth = atoi(*(++argv)); + verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; BIO_printf(bio_err, "verify depth is %d\n", verify_depth); } else if (strcmp(*argv, "-cert") == 0) { @@ -266,7 +271,9 @@ parseArgs(int argc, char **argv) if (--argc < 1) goto bad; - maxTime = atoi(*(++argv)); + maxTime = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) + goto bad; } else { BIO_printf(bio_err, "unknown option %s\n", *argv); badop = 1; diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c index 7b4bce1c99..1d320db010 100644 --- a/src/lib/libssl/src/apps/speed.c +++ b/src/lib/libssl/src/apps/speed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: speed.c,v 1.48 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: speed.c,v 1.49 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -86,6 +86,7 @@ #include #include #include +#include #include #include @@ -516,6 +517,7 @@ speed_main(int argc, char **argv) const EVP_MD *evp_md = NULL; int decrypt = 0; int multi = 0; + const char *errstr = NULL; #ifndef TIMES usertime = -1; @@ -627,9 +629,9 @@ speed_main(int argc, char **argv) BIO_printf(bio_err, "no multi count given\n"); goto end; } - multi = atoi(argv[0]); - if (multi <= 0) { - BIO_printf(bio_err, "bad multi count\n"); + multi = strtonum(argv[0], 1, INT_MAX, &errstr); + if (errstr) { + BIO_printf(bio_err, "bad multi count: %s", errstr); goto end; } j--; /* Otherwise, -mr gets confused with an @@ -2105,6 +2107,7 @@ do_multi(int multi) int fd[2]; int *fds; static char sep[] = ":"; + const char *errstr = NULL; fds = reallocarray(NULL, multi, sizeof *fds); for (n = 0; n < multi; ++n) { @@ -2155,7 +2158,8 @@ do_multi(int multi) int j; p = buf + 3; - alg = atoi(sstrsep(&p, sep)); + alg = strtonum(sstrsep(&p, sep), + 0, ALGOR_NUM - 1, &errstr); sstrsep(&p, sep); for (j = 0; j < SIZE_NUM; ++j) results[alg][j] += atof(sstrsep(&p, sep)); @@ -2164,7 +2168,8 @@ do_multi(int multi) double d; p = buf + 4; - k = atoi(sstrsep(&p, sep)); + k = strtonum(sstrsep(&p, sep), + 0, ALGOR_NUM - 1, &errstr); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); @@ -2183,7 +2188,8 @@ do_multi(int multi) double d; p = buf + 4; - k = atoi(sstrsep(&p, sep)); + k = strtonum(sstrsep(&p, sep), + 0, ALGOR_NUM - 1, &errstr); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); @@ -2204,7 +2210,8 @@ do_multi(int multi) double d; p = buf + 4; - k = atoi(sstrsep(&p, sep)); + k = strtonum(sstrsep(&p, sep), + 0, ALGOR_NUM - 1, &errstr); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); @@ -2226,7 +2233,8 @@ do_multi(int multi) double d; p = buf + 4; - k = atoi(sstrsep(&p, sep)); + k = strtonum(sstrsep(&p, sep), + 0, ALGOR_NUM - 1, &errstr); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); @@ -2249,7 +2257,8 @@ do_multi(int multi) double d; p = buf + 4; - k = atoi(sstrsep(&p, sep)); + k = strtonum(sstrsep(&p, sep), + 0, ALGOR_NUM - 1, &errstr); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c index b8570d30c9..4f86a1bb53 100644 --- a/src/lib/libssl/src/apps/x509.c +++ b/src/lib/libssl/src/apps/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.45 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: x509.c,v 1.46 2014/06/28 04:39:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -59,6 +59,7 @@ #include #include #include +#include #include #include "apps.h" @@ -208,6 +209,7 @@ x509_main(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE char *engine = NULL; #endif + const char *errstr = NULL; reqfile = 0; @@ -263,9 +265,9 @@ x509_main(int argc, char **argv) } else if (strcmp(*argv, "-days") == 0) { if (--argc < 1) goto bad; - days = atoi(*(++argv)); - if (days == 0) { - BIO_printf(bio_err, "bad number of days\n"); + days = strtonum(*(++argv), 1, INT_MAX, &errstr); + if (errstr) { + BIO_printf(bio_err, "bad number of days: %s\n", errstr); goto bad; } } else if (strcmp(*argv, "-passin") == 0) { @@ -407,7 +409,11 @@ x509_main(int argc, char **argv) else if (strcmp(*argv, "-checkend") == 0) { if (--argc < 1) goto bad; - checkoffset = atoi(*(++argv)); + checkoffset = strtonum(*(++argv), 0, INT_MAX, &errstr); + if (errstr) { + BIO_printf(bio_err, "checkend unusable: %s\n", errstr); + goto bad; + } checkend = 1; } else if (strcmp(*argv, "-noout") == 0) noout = ++num; -- cgit v1.2.3-55-g6feb