From owner-freebsd-hackers  Wed Jan 22 18:55: 4 2003
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D6A3537B401
	for <hackers@freebsd.org>; Wed, 22 Jan 2003 18:55:02 -0800 (PST)
Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9C20843F18
	for <hackers@freebsd.org>; Wed, 22 Jan 2003 18:55:00 -0800 (PST)
	(envelope-from keramida@ceid.upatras.gr)
Received: from gothmog.gr (patr530-a139.otenet.gr [212.205.215.139])
	by mailsrv.otenet.gr (8.12.6/8.12.6) with ESMTP id h0N2sf58002786
	for <hackers@freebsd.org>; Thu, 23 Jan 2003 04:54:51 +0200 (EET)
Received: from gothmog.gr (gothmog [127.0.0.1])
	by gothmog.gr (8.12.6/8.12.6) with ESMTP id h0N2sbxu040546
	for <hackers@freebsd.org>; Thu, 23 Jan 2003 04:54:37 +0200 (EET)
	(envelope-from keramida@ceid.upatras.gr)
Received: (from giorgos@localhost)
	by gothmog.gr (8.12.6/8.12.6/Submit) id h0N2sbvs040545
	for hackers@freebsd.org; Thu, 23 Jan 2003 04:54:37 +0200 (EET)
	(envelope-from keramida@ceid.upatras.gr)
Date: Thu, 23 Jan 2003 04:54:37 +0200
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: hackers@freebsd.org
Subject: Checking sockaddr_in port number for overflow
Message-ID: <20030123025437.GA40516@gothmog.gr>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

I have been trying to think of a good way to check for overflow of
port numbers of PF_INET sockets that are passed by the user. So far,
this is what I have come up with:

: #include <netinet/in.h>
:
: #include <err.h>
: #include <errno.h>
: #include <limits.h>
: #include <stdio.h>
: #include <stdlib.h>
:
: int
: main(int argc, char *argv[])
: {
:         static long      tmp;
:         static char     *errp;
:         in_port_t        port;
:
:         if (argc != 2)
:                 errx(1, "usage: %s port", argv[0]);
:
:         errno == 0;
:         tmp = strtol(argv[1], &errp, 0);
:         if (errp == argv[1] || errno == EINVAL || errno == ERANGE)
:                 errx(1, "invalid number '%s'", argv[1]);
:         if (tmp > IPPORT_MAX)
:                 errx(1, "%ld will overflow as a port number (max %d)",
:                     tmp, IPPORT_MAX);
:
:         port = (in_port_t)tmp;
:         printf("Using port number %d\n", port);
:         return (0);
: }

Does this look ok to you all?
Have I missed anything obvious that I should also check?

- Giorgos


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message