[Spice-devel] [PATCH] Validate port values
Marc-André Lureau
mlureau at redhat.com
Wed Apr 4 07:14:44 PDT 2012
----- Mensaje original -----
> Log port value, if it is invalid only.
>
> ---
> SpiceXPI/src/plugin/plugin.cpp | 32
> ++++++++++++++++++++++++++++++--
> 1 files changed, 30 insertions(+), 2 deletions(-)
>
> diff --git a/SpiceXPI/src/plugin/plugin.cpp
> b/SpiceXPI/src/plugin/plugin.cpp
> index de7afd0..c211395 100644
> --- a/SpiceXPI/src/plugin/plugin.cpp
> +++ b/SpiceXPI/src/plugin/plugin.cpp
> @@ -104,6 +104,22 @@ namespace {
>
> return dest;
> }
> +
> + // helper function for tcp/udp range conversion and validation
> + static int portToInt(const std::string &port)
> + {
> + if (port.empty())
> + return -1;
> +
> + char *end;
> + long int conv = strtol(port.c_str(), &end, 10);
> + if (*end != '\0')
> + return -2;
> + if (conv < 0 || conv > 65535)
> + return -2;
This will return an error if the value given is -1.
>
> #ifdef NPAPI_USE_CONSTCHARS
> @@ -608,6 +624,16 @@ void nsPluginInstance::SendWStr(uint32_t id,
> const wchar_t *str)
>
> void nsPluginInstance::Connect()
> {
> + const int port = portToInt(m_port);
> + const int sport = portToInt(m_secure_port);
> +
> + if (port < -1)
> + LOG_ERROR("invalid port: " << m_port);
I would return too in this case, we were given invalid values.
> + if (sport < -1)
> + LOG_ERROR("invalid secure port: " << m_secure_port);
> + if (port < 0 && sport < 0)
> + return;
And in this case, it's useful to LOG_ERROR too.
More information about the Spice-devel
mailing list