From 0d6b2ee249e9efba30da3236c413bf03c7b27ed9 Mon Sep 17 00:00:00 2001 From: Paul Jakma Date: Thu, 29 May 2008 18:29:16 +0000 Subject: [daemons] Sanity check port number arguments before use 2008-05-29 Martin Nagy * */*main.c: Sanity check port numbers before using. --- ChangeLog | 4 ++++ bgpd/bgp_main.c | 10 ++++++++-- ospf6d/ospf6_main.c | 3 ++- ospfd/ospf_main.c | 3 ++- ripd/rip_main.c | 3 ++- ripngd/ripng_main.c | 3 ++- zebra/main.c | 3 ++- 7 files changed, 22 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index ae97cf37..2fbdd8a8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2008-05-29 Martin Nagy + + * */*main.c: Sanity check port numbers before using. + 2008-01-30 Peter Szilagyi * lib/stream.h: Remove named 'new' parameter in prototype diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c index e6d34afc..2089c6b5 100644 --- a/bgpd/bgp_main.c +++ b/bgpd/bgp_main.c @@ -203,6 +203,7 @@ main (int argc, char **argv) int dryrun = 0; char *progname; struct thread thread; + int tmp_port; /* Set umask before anything for security */ umask (0027); @@ -238,7 +239,11 @@ main (int argc, char **argv) pid_file = optarg; break; case 'p': - bm->port = atoi (optarg); + tmp_port = atoi (optarg); + if (tmp_port <= 0 || tmp_port > 0xffff) + bm->port = BGP_PORT_DEFAULT; + else + bm->port = tmp_port; break; case 'A': vty_addr = optarg; @@ -252,7 +257,8 @@ main (int argc, char **argv) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : BGP_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = BGP_VTY_PORT; break; case 'r': retain_mode = 1; diff --git a/ospf6d/ospf6_main.c b/ospf6d/ospf6_main.c index 8380bc89..680f4b7f 100644 --- a/ospf6d/ospf6_main.c +++ b/ospf6d/ospf6_main.c @@ -227,7 +227,8 @@ main (int argc, char *argv[], char *envp[]) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : OSPF6_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = OSPF6_VTY_PORT; break; case 'u': ospf6d_privs.user = optarg; diff --git a/ospfd/ospf_main.c b/ospfd/ospf_main.c index 27a12dd0..1a200a8f 100644 --- a/ospfd/ospf_main.c +++ b/ospfd/ospf_main.c @@ -245,7 +245,8 @@ main (int argc, char **argv) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : OSPF_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = OSPF_VTY_PORT; break; case 'u': ospfd_privs.user = optarg; diff --git a/ripd/rip_main.c b/ripd/rip_main.c index dfcd6c26..0b29107d 100644 --- a/ripd/rip_main.c +++ b/ripd/rip_main.c @@ -236,7 +236,8 @@ main (int argc, char **argv) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : RIP_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = RIP_VTY_PORT; break; case 'r': retain_mode = 1; diff --git a/ripngd/ripng_main.c b/ripngd/ripng_main.c index 70553910..a18ce9de 100644 --- a/ripngd/ripng_main.c +++ b/ripngd/ripng_main.c @@ -240,7 +240,8 @@ main (int argc, char **argv) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : RIPNG_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = RIPNG_VTY_PORT; break; case 'r': retain_mode = 1; diff --git a/zebra/main.c b/zebra/main.c index 6019260f..61750f1d 100644 --- a/zebra/main.c +++ b/zebra/main.c @@ -275,7 +275,8 @@ main (int argc, char **argv) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : ZEBRA_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = ZEBRA_VTY_PORT; break; case 'r': retain_mode = 1; -- cgit v1.2.1