summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--extensions/libip6t_LOG.c5
-rw-r--r--extensions/libip6t_icmpv6.c8
-rw-r--r--extensions/libip6t_limit.c5
-rw-r--r--extensions/libip6t_multiport.c5
-rw-r--r--extensions/libip6t_tcp.c9
-rw-r--r--extensions/libip6t_udp.c4
-rw-r--r--extensions/libipt_FTOS.c4
-rw-r--r--extensions/libipt_LOG.c5
-rw-r--r--extensions/libipt_NETMAP.c4
-rw-r--r--extensions/libipt_TCPMSS.c4
-rw-r--r--extensions/libipt_TOS.c5
-rw-r--r--extensions/libipt_icmp.c8
-rw-r--r--extensions/libipt_length.c6
-rw-r--r--extensions/libipt_limit.c5
-rw-r--r--extensions/libipt_mport.c5
-rw-r--r--extensions/libipt_multiport.c5
-rw-r--r--extensions/libipt_nth.c8
-rw-r--r--extensions/libipt_psd.c14
-rw-r--r--extensions/libipt_tcp.c9
-rw-r--r--extensions/libipt_tcpmss.c4
-rw-r--r--extensions/libipt_time.c8
-rw-r--r--extensions/libipt_tos.c4
-rw-r--r--extensions/libipt_udp.c4
23 files changed, 63 insertions, 75 deletions
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index c147d1ca..68003150 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -66,10 +66,9 @@ static struct ip6t_log_names ip6t_log_names[]
static u_int8_t
parse_level(const char *level)
{
- int lev;
+ unsigned int lev;
- lev = string_to_number(level, 0, 7);
- if (lev == -1) {
+ if (string_to_number(level, 0, 7, lev) == -1) {
unsigned int i = 0;
for (i = 0;
diff --git a/extensions/libip6t_icmpv6.c b/extensions/libip6t_icmpv6.c
index 41ae5ca3..1b801d2d 100644
--- a/extensions/libip6t_icmpv6.c
+++ b/extensions/libip6t_icmpv6.c
@@ -118,7 +118,7 @@ parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[])
} else {
char *slash;
char buffer[strlen(icmpv6type) + 1];
- int number;
+ unsigned int number;
strcpy(buffer, icmpv6type);
slash = strchr(buffer, '/');
@@ -126,14 +126,12 @@ parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[])
if (slash)
*slash = '\0';
- number = string_to_number(buffer, 0, 255);
- if (number == -1)
+ if (string_to_number(buffer, 0, 255, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMPv6 type `%s'\n", buffer);
*type = number;
if (slash) {
- number = string_to_number(slash+1, 0, 255);
- if (number == -1)
+ if (string_to_number(slash+1, 0, 255, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMPv6 code `%s'\n",
slash+1);
diff --git a/extensions/libip6t_limit.c b/extensions/libip6t_limit.c
index 3b0318ba..e794675c 100644
--- a/extensions/libip6t_limit.c
+++ b/extensions/libip6t_limit.c
@@ -98,7 +98,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
struct ip6t_entry_match **match)
{
struct ip6t_rateinfo *r = (struct ip6t_rateinfo *)(*match)->data;
- int num;
+ unsigned int num;
switch(c) {
case '%':
@@ -115,8 +115,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --limit-burst");
- num = string_to_number(optarg, 0, 10000);
- if (num <= 0)
+ if (string_to_number(optarg, 0, 10000, &num) <= 0)
exit_error(PARAMETER_PROBLEM,
"bad --limit-burst `%s'", optarg);
r->burst = num;
diff --git a/extensions/libip6t_multiport.c b/extensions/libip6t_multiport.c
index 0fcefde1..d58bbb97 100644
--- a/extensions/libip6t_multiport.c
+++ b/extensions/libip6t_multiport.c
@@ -47,8 +47,9 @@ service_to_port(const char *name, const char *proto)
static u_int16_t
parse_port(const char *port, const char *proto)
{
- int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ unsigned int portnum;
+
+ if ((string_to_number(port, 0, 65535, &portnum)) != -1 ||
(portnum = service_to_port(port, proto)) != -1)
return (u_int16_t)portnum;
diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c
index 718ec8ce..dd515f0e 100644
--- a/extensions/libip6t_tcp.c
+++ b/extensions/libip6t_tcp.c
@@ -52,9 +52,9 @@ service_to_port(const char *name)
static u_int16_t
parse_tcp_port(const char *port)
{
- int portnum;
+ unsigned int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ if (string_to_number(port, 0, 65535, &portnum) != -1 ||
(portnum = service_to_port(port)) != -1)
return (u_int16_t)portnum;
@@ -141,10 +141,9 @@ parse_tcp_flags(struct ip6t_tcp *tcpinfo,
static void
parse_tcp_option(const char *option, u_int8_t *result)
{
- int ret;
+ unsigned int ret;
- ret = string_to_number(option, 1, 255);
- if (ret == -1)
+ if (string_to_number(option, 1, 266, &ret) == -1)
exit_error(PARAMETER_PROBLEM, "Bad TCP option `%s'", option);
*result = (u_int8_t)ret;
diff --git a/extensions/libip6t_udp.c b/extensions/libip6t_udp.c
index 7fe16dd7..ac036167 100644
--- a/extensions/libip6t_udp.c
+++ b/extensions/libip6t_udp.c
@@ -44,9 +44,9 @@ service_to_port(const char *name)
static u_int16_t
parse_udp_port(const char *port)
{
- int portnum;
+ unsigned int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ if (string_to_number(port, 0, 65535, &portnum) != -1 ||
(portnum = service_to_port(port)) != -1)
return (u_int16_t)portnum;
diff --git a/extensions/libipt_FTOS.c b/extensions/libipt_FTOS.c
index 93120385..48f88ec5 100644
--- a/extensions/libipt_FTOS.c
+++ b/extensions/libipt_FTOS.c
@@ -43,7 +43,9 @@ static struct option opts[] = {
static void
parse_ftos(const unsigned char *s, struct ipt_FTOS_info *finfo)
{
- int ftos = string_to_number(s, 0, 255);
+ unsigned int ftos;
+
+ string_to_number(s, 0, 255, &ftos);
finfo->ftos = (u_int8_t )ftos;
return;
}
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 024c68d2..9f41853f 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -66,10 +66,9 @@ static struct ipt_log_names ipt_log_names[]
static u_int8_t
parse_level(const char *level)
{
- int lev;
+ unsigned int lev;
- lev = string_to_number(level, 0, 7);
- if (lev == -1) {
+ if (string_to_number(level, 0, 7, &lev) == -1) {
unsigned int i = 0;
for (i = 0;
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index 4cd7abc1..7d5ad04f 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -74,7 +74,7 @@ parse_to(char *arg, struct ip_nat_range *range)
char *slash;
struct in_addr *ip;
u_int32_t netmask;
- int bits;
+ unsigned int bits;
range->flags |= IP_NAT_RANGE_MAP_IPS;
slash = strchr(arg, '/');
@@ -95,7 +95,7 @@ parse_to(char *arg, struct ip_nat_range *range)
netmask = ip->s_addr;
}
else {
- if ((bits = string_to_number(slash+1, 0, 32)) == -1)
+ if (string_to_number(slash+1, 0, 32, &bits) == -1)
exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n",
slash+1);
netmask = bits2netmask(bits);
diff --git a/extensions/libipt_TCPMSS.c b/extensions/libipt_TCPMSS.c
index 03ce1bdb..d14f0c08 100644
--- a/extensions/libipt_TCPMSS.c
+++ b/extensions/libipt_TCPMSS.c
@@ -50,13 +50,13 @@ parse(int c, char **argv, int invert, unsigned int *flags,
= (struct ipt_tcpmss_info *)(*target)->data;
switch (c) {
- int mssval;
+ unsigned int mssval;
case '1':
if (*flags)
exit_error(PARAMETER_PROBLEM,
"TCPMSS target: Only one option may be specified");
- if ((mssval = string_to_number(optarg, 0, 65535 - 40)) == -1)
+ if (string_to_number(optarg, 0, 65535 - 40, &mssval) == -1)
exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg);
mssinfo->mss = mssval;
diff --git a/extensions/libipt_TOS.c b/extensions/libipt_TOS.c
index 0c91cb54..9feba060 100644
--- a/extensions/libipt_TOS.c
+++ b/extensions/libipt_TOS.c
@@ -60,10 +60,9 @@ init(struct ipt_entry_target *t, unsigned int *nfcache)
static void
parse_tos(const unsigned char *s, struct ipt_tos_target_info *info)
{
- unsigned int i;
- int tos = string_to_number(s, 0, 255);
+ unsigned int i, tos;
- if (tos != -1) {
+ if (string_to_number(s, 0, 255,tos) != -1) {
if (tos == IPTOS_LOWDELAY
|| tos == IPTOS_THROUGHPUT
|| tos == IPTOS_RELIABILITY
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index 63905181..a8b6bd13 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -133,7 +133,7 @@ parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[])
} else {
char *slash;
char buffer[strlen(icmptype) + 1];
- int number;
+ unsigned int number;
strcpy(buffer, icmptype);
slash = strchr(buffer, '/');
@@ -141,14 +141,12 @@ parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[])
if (slash)
*slash = '\0';
- number = string_to_number(buffer, 0, 255);
- if (number == -1)
+ if (string_to_number(buffer, 0, 255, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMP type `%s'\n", buffer);
*type = number;
if (slash) {
- number = string_to_number(slash+1, 0, 255);
- if (number == -1)
+ if (string_to_number(slash+1, 0, 255, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMP code `%s'\n",
slash+1);
diff --git a/extensions/libipt_length.c b/extensions/libipt_length.c
index 7ea5084d..ee2af943 100644
--- a/extensions/libipt_length.c
+++ b/extensions/libipt_length.c
@@ -35,11 +35,9 @@ init(struct ipt_entry_match *m, unsigned int *nfcache)
static u_int16_t
parse_length(const char *s)
{
- int len;
+ unsigned int len;
- len = string_to_number(s, 0, 0xFFFF);
-
- if (len == -1)
+ if (string_to_number(s, 0, 0xFFFF, &len) == -1)
exit_error(PARAMETER_PROBLEM, "length invalid: `%s'\n", s);
else
return (u_int16_t )len;
diff --git a/extensions/libipt_limit.c b/extensions/libipt_limit.c
index 58c2ebd0..23924a7f 100644
--- a/extensions/libipt_limit.c
+++ b/extensions/libipt_limit.c
@@ -98,7 +98,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
struct ipt_entry_match **match)
{
struct ipt_rateinfo *r = (struct ipt_rateinfo *)(*match)->data;
- int num;
+ unsigned int num;
switch(c) {
case '%':
@@ -115,8 +115,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --limit-burst");
- num = string_to_number(optarg, 0, 10000);
- if (num <= 0)
+ if (string_to_number(optarg, 0, 10000, &num) <= 0)
exit_error(PARAMETER_PROBLEM,
"bad --limit-burst `%s'", optarg);
r->burst = num;
diff --git a/extensions/libipt_mport.c b/extensions/libipt_mport.c
index 38474cde..f2dfd1e1 100644
--- a/extensions/libipt_mport.c
+++ b/extensions/libipt_mport.c
@@ -47,8 +47,9 @@ service_to_port(const char *name, const char *proto)
static u_int16_t
parse_port(const char *port, const char *proto)
{
- int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ unsigned int portnum;
+
+ if (portnum = string_to_number(port, 0, 65535, &portnum) != -1 ||
(portnum = service_to_port(port, proto)) != -1)
return (u_int16_t)portnum;
diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c
index bac4621f..6eb5bdf0 100644
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -47,8 +47,9 @@ service_to_port(const char *name, const char *proto)
static u_int16_t
parse_port(const char *port, const char *proto)
{
- int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ unsigned int portnum;
+
+ if (string_to_number(port, 0, 65535, &portnum) != -1 ||
(portnum = service_to_port(port, proto)) != -1)
return (u_int16_t)portnum;
diff --git a/extensions/libipt_nth.c b/extensions/libipt_nth.c
index 5fdd3625..efeb71bf 100644
--- a/extensions/libipt_nth.c
+++ b/extensions/libipt_nth.c
@@ -59,7 +59,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
struct ipt_entry_match **match)
{
struct ipt_nth_info *nthinfo = (struct ipt_nth_info *)(*match)->data;
- int num;
+ unsigned int num;
switch (c) {
case '1':
@@ -79,8 +79,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
/* Remember, this function will interpret a leading 0 to be
Octal, a leading 0x to be hexdecimal... */
- num = string_to_number(optarg, 2, 100);
- if (num < 2)
+ if (string_to_number(optarg, 2, 100, &num) == -1 || num < 2)
exit_error(PARAMETER_PROBLEM,
"bad --every `%s', must be between 2 and 100", optarg);
@@ -110,8 +109,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_NTH_OPT_START)
exit_error(PARAMETER_PROBLEM,
"Can't specify --start twice");
- num = string_to_number(optarg, 0, nthinfo->every);
- if (num < 0)
+ if (string_to_number(optarg, 0, nthinfo->every, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --start `%s', must between 0 and %u", optarg, nthinfo->every);
*flags |= IPT_NTH_OPT_START;
diff --git a/extensions/libipt_psd.c b/extensions/libipt_psd.c
index f6885025..d5bb87e8 100644
--- a/extensions/libipt_psd.c
+++ b/extensions/libipt_psd.c
@@ -81,7 +81,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
struct ipt_entry_match **match)
{
struct ipt_psd_info *psdinfo = (struct ipt_psd_info *)(*match)->data;
- int num;
+ unsigned int num;
switch (c) {
/* PSD-weight-threshold */
@@ -90,8 +90,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-weight-threshold "
"twice");
- num = string_to_number(optarg, 0, 10000);
- if (num <= 0)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-weight-threshold `%s'", optarg);
psdinfo->weight_threshold = num;
@@ -103,8 +102,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_PSD_OPT_DTRESH)
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-delay-threshold twice");
- num = string_to_number(optarg, 0, 10000);
- if (num <= 0)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-delay-threshold `%s'", optarg);
psdinfo->delay_threshold = num;
@@ -116,8 +114,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_PSD_OPT_LPWEIGHT)
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-lo-ports-weight twice");
- num = string_to_number(optarg, 0, 10000);
- if (num <= 0)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-lo-ports-weight `%s'", optarg);
psdinfo->lo_ports_weight = num;
@@ -129,8 +126,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_PSD_OPT_HPWEIGHT)
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-hi-ports-weight twice");
- num = string_to_number(optarg, 0, 10000);
- if (num <= 0)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-hi-ports-weight `%s'", optarg);
psdinfo->hi_ports_weight = num;
diff --git a/extensions/libipt_tcp.c b/extensions/libipt_tcp.c
index fb99bec7..1b0a37a3 100644
--- a/extensions/libipt_tcp.c
+++ b/extensions/libipt_tcp.c
@@ -52,9 +52,9 @@ service_to_port(const char *name)
static u_int16_t
parse_tcp_port(const char *port)
{
- int portnum;
+ unsigned int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ if (string_to_number(port, 0, 65535, &portnum) != -1 ||
(portnum = service_to_port(port)) != -1)
return (u_int16_t)portnum;
@@ -141,10 +141,9 @@ parse_tcp_flags(struct ipt_tcp *tcpinfo,
static void
parse_tcp_option(const char *option, u_int8_t *result)
{
- int ret;
+ unsigned int ret;
- ret = string_to_number(option, 1, 255);
- if (ret == -1)
+ if (string_to_number(option, 1, 255, &ret) == -1)
exit_error(PARAMETER_PROBLEM, "Bad TCP option `%s'", option);
*result = (u_int8_t)ret;
diff --git a/extensions/libipt_tcpmss.c b/extensions/libipt_tcpmss.c
index 79e8d76c..6cf4211f 100644
--- a/extensions/libipt_tcpmss.c
+++ b/extensions/libipt_tcpmss.c
@@ -34,9 +34,9 @@ init(struct ipt_entry_match *m, unsigned int *nfcache)
static u_int16_t
parse_tcp_mssvalue(const char *mssvalue)
{
- int mssvaluenum;
+ unsigned int mssvaluenum;
- if ((mssvaluenum = string_to_number(mssvalue, 0, 65535)) != -1)
+ if (string_to_number(mssvalue, 0, 65535, &mssvaluenum) != -1)
return (u_int16_t)mssvaluenum;
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libipt_time.c b/extensions/libipt_time.c
index 1d7690ca..10b37885 100644
--- a/extensions/libipt_time.c
+++ b/extensions/libipt_time.c
@@ -76,7 +76,7 @@ split_time(char **part1, char **part2, const char *str_2_parse)
}
static void
-parse_time_string(int *hour, int *minute, const char *time)
+parse_time_string(unsigned int *hour, unsigned int *minute, const char *time)
{
char *hours;
char *minutes;
@@ -94,8 +94,10 @@ parse_time_string(int *hour, int *minute, const char *time)
hours[0] = ' ';
if (minutes[0] == '0')
minutes[0] = ' ';
- *hour = string_to_number(hours, 0, 23);
- *minute = string_to_number(minutes, 0, 59);
+
+ /* FIXME: error checking */
+ string_to_number(hours, 0, 23, hour);
+ string_to_number(minutes, 0, 59, minute);
}
if ((*hour != (-1)) && (*minute != (-1))) {
free(hours);
diff --git a/extensions/libipt_tos.c b/extensions/libipt_tos.c
index ec83e18d..f1d3b2a6 100644
--- a/extensions/libipt_tos.c
+++ b/extensions/libipt_tos.c
@@ -57,9 +57,9 @@ static void
parse_tos(const unsigned char *s, struct ipt_tos_info *info)
{
unsigned int i;
- int tos = string_to_number(s, 0, 255);
+ unsigned int tos;
- if (tos != -1) {
+ if (string_to_number(s, 0, 255, &tos) != -1) {
if (tos == IPTOS_LOWDELAY
|| tos == IPTOS_THROUGHPUT
|| tos == IPTOS_RELIABILITY
diff --git a/extensions/libipt_udp.c b/extensions/libipt_udp.c
index 06c61c51..9b18d18b 100644
--- a/extensions/libipt_udp.c
+++ b/extensions/libipt_udp.c
@@ -44,9 +44,9 @@ service_to_port(const char *name)
static u_int16_t
parse_udp_port(const char *port)
{
- int portnum;
+ unsigned int portnum;
- if ((portnum = string_to_number(port, 0, 65535)) != -1 ||
+ if (string_to_number(port, 0, 65535, &portnum) != -1 ||
(portnum = service_to_port(port)) != -1)
return (u_int16_t)portnum;