Date: Thu, 23 Jan 2003 17:10:52 +1000 (EST) From: Steven Goodwin <steve@cit.gu.edu.au> To: hackers@freebsd.org Cc: Giorgos Keramidas <keramida@ceid.upatras.gr> Subject: Re: Checking sockaddr_in port number for overflow Message-ID: <Pine.LNX.4.44.0301231709110.20802-100000@hobbit.cit.gu.edu.au> In-Reply-To: <3E2F8250.3080300@netli.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Jan 2003, Lev Walkin wrote:
> Giorgos Keramidas wrote:
> > I have been trying to think of a good way to check for overflow of
> > port numbers of PF_INET sockets that are passed by the user. So far,
> > this is what I have come up with:
> >
> > :
> > : errno == 0;
I hope I'm not being pedantic, but don't you mean
errno = 0;
> > : tmp = strtol(argv[1], &errp, 0);
> > : if (errp == argv[1] || errno == EINVAL || errno == ERANGE)
> > : errx(1, "invalid number '%s'", argv[1]);
> > : if (tmp > IPPORT_MAX)
> > : errx(1, "%ld will overflow as a port number (max %d)",
> > : tmp, IPPORT_MAX);
> >
> > Does this look ok to you all?
> > Have I missed anything obvious that I should also check?
>
> tmp <= 0.
>
Steve
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0301231709110.20802-100000>