[Spice-devel] [PATCH] validate tcp port values
Christophe Fergeau
cfergeau at redhat.com
Wed Jul 11 04:41:05 PDT 2012
On Wed, Jul 11, 2012 at 01:03:28PM +0200, Peter Hatina wrote:
> Hi,
>
> I had a request to validate TCP port values in spice-xpi, so
> does this make sense for you?
This sounds like a good thing to do, though spice-xpi is just a gateway
here between ovirt/rhev and remote-viewer, so the validation is more
important there.
> + // helper function for tcp/udp range conversion and validation
> + static int portToInt(const std::string &port)
> + {
> + errno = 0;
> + char *end;
> + const long int min = 0;
> + const long int max = 65535;
> + long int conv = strtol(port.c_str(), &end, 10);
> + return (errno || *end != '\0' || end == port.c_str() || conv < min || conv > max)
> + ? -1 : static_cast<int>(conv);
> + }
> }
>
> #ifdef NPAPI_USE_CONSTCHARS
> @@ -581,6 +593,15 @@ void nsPluginInstance::SendStr(uint32_t id, std::string str)
>
> void nsPluginInstance::Connect()
> {
> + const int port = portToInt(m_port);
> + const int sport = portToInt(m_secure_port);
> + if (port <= 0)
> + g_warning("invalid port: '%s'", m_port.c_str());
> + if (sport <= 0)
> + g_warning("invalid secure port: '%s'", m_secure_port.c_str());
> + if (port <= 0 && sport <= 0)
> + return;
should we return when only one port is invalid?
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20120711/33f12671/attachment.pgp>
More information about the Spice-devel
mailing list