author | Jan Engelhardt <jengelh@inai.de> | 2012-07-13 23:18:29 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-07-31 13:31:44 +0200 |
commit | dc23c2d7afd2103cbc589372769c2f6723ea5235 (patch) | |
tree | 438c2582996a1966e9abc6fcc6948c27e70e980b /extensions/libxt_u32.c | |
parent | a3c1c206a665d81afa2363507a5e162c20694311 (diff) |
libxt_u32: do bounds checking for @'s operands
Using only strtoul is prone to accept all values, including negative
ones which are not explicitly allowed. Therefore, use xtables_strtoui
with bounds checking.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Diffstat (limited to 'extensions/libxt_u32.c')
-rw-r--r-- | extensions/libxt_u32.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c
index 6d024fb6..2a7f5d80 100644
--- a/extensions/libxt_u32.c
+++ b/extensions/libxt_u32.c
@@ -88,17 +88,13 @@ static void u32_dump(const struct xt_u32 *data)
 /* string_to_number() is not quite what we need here ... */
 static uint32_t parse_number(const char **s, int pos)
 {
- uint32_t number;
+ unsigned int number;
 char *end;
- errno = 0;
- number = strtoul(*s, &end, 0);
- if (end == *s)
+ if (!xtables_strtoui(*s, &end, &number, 0, UINT32_MAX) ||
+ end == *s)
 xtables_error(PARAMETER_PROBLEM,
- "u32: at char %d: expected number", pos);
- if (errno != 0)
- xtables_error(PARAMETER_PROBLEM,
- "u32: at char %d: error reading number", pos);
+ "u32: at char %d: not a number or out of range", pos);
 *s = end;
 return number;
 }
|
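Review bot: The comment above `parse_number` still only says what the function is not, and it does not state the contract the new check enforces. The bound passed to `xtables_strtoui` is just the type's range (`0` to `UINT32_MAX`), so any tighter limit for a particular operand has to be applied by the caller, which is outside this hunk. I would replace the comment with `/* Parse an unsigned number at *s that fits in 32 bits and advance *s past it; anything else reports PARAMETER_PROBLEM. */`. The `end == *s` test is only evaluated after `xtables_strtoui` has succeeded, so it depends on the helper having written `end`; if the helper already rejects empty input (not visible here), the test is redundant but harmless. The single merged message also no longer tells the user whether the operand was missing or too large, which is worth a word in the manual page if it is not already there.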