libpcap: replace atoi() usage with strtonum()
authorop <op@openbsd.org>
Wed, 28 Aug 2024 11:41:42 +0000 (11:41 +0000)
committerop <op@openbsd.org>
Wed, 28 Aug 2024 11:41:42 +0000 (11:41 +0000)
ok/improvements beck@

lib/libpcap/fad-getad.c
lib/libpcap/inet.c

index b5b2bad..611fd7a 100644 (file)
@@ -61,7 +61,7 @@ dup_sockaddr(struct sockaddr *sa, size_t sa_length)
 static int
 get_instance(const char *name)
 {
-       const char *cp, *endcp;
+       const char *cp, *endcp, *errstr;
        int n;
 
        if (strcmp(name, "any") == 0) {
@@ -77,11 +77,10 @@ get_instance(const char *name)
        for (cp = name; cp < endcp && !isdigit((unsigned char)*cp); ++cp)
                continue;
 
-       if (isdigit((unsigned char)*cp))
-               n = atoi(cp);
-       else
-               n = 0;
-       return (n);
+       n = strtonum(cp, 0, INT_MAX, &errstr);
+       if (errstr != NULL)
+               return -1;
+       return n;
 }
 
 static int
@@ -168,7 +167,11 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
                 * Add it to the list, in the appropriate location.
                 * First, get the instance number of this interface.
                 */
-               this_instance = get_instance(name);
+               if ((this_instance = get_instance(name)) == -1) {
+                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                           "malformed device name: %s", name);
+                       goto fail;
+               }
 
                /*
                 * Now look for the last interface with an instance number
index 16fa758..2b9f2e1 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: inet.c,v 1.27 2024/04/05 18:01:56 deraadt Exp $       */
+/*     $OpenBSD: inet.c,v 1.28 2024/08/28 11:41:42 op Exp $    */
 
 /*
  * Copyright (c) 1994, 1995, 1996, 1997, 1998
@@ -47,6 +47,7 @@
 
 #include <ctype.h>
 #include <errno.h>
+#include <limits.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -115,6 +116,7 @@ pcap_lookupdev(char *errbuf)
        struct ifaddrs *ifap, *ifa, *mp;
        int n, minunit;
        char *cp;
+       const char *errstr;
        static char device[IF_NAMESIZE + 1];
 
        if (getifaddrs(&ifap) != 0) {
@@ -132,7 +134,9 @@ pcap_lookupdev(char *errbuf)
                        continue;
                for (cp = ifa->ifa_name; !isdigit((unsigned char)*cp); ++cp)
                        continue;
-               n = atoi(cp);
+               n = strtonum(cp, 0, INT_MAX, &errstr);
+               if (errstr != NULL)
+                       continue;
                if (n < minunit) {
                        minunit = n;
                        mp = ifa;
@@ -151,6 +155,7 @@ pcap_lookupdev(char *errbuf)
 #else
        int fd, minunit, n;
        char *cp;
+       const char *errstr;
        struct ifreq *ifrp, *ifend, *ifnext, *mp;
        struct ifconf ifc;
        struct ifreq ibuf[16], ifr;
@@ -216,7 +221,9 @@ pcap_lookupdev(char *errbuf)
 
                for (cp = ifrp->ifr_name; !isdigit((unsigned char)*cp); ++cp)
                        continue;
-               n = atoi(cp);
+               n = strtonum(cp, 0, INT_MAX, &errstr);
+               if (errstr != NULL)
+                       continue;
                if (n < minunit) {
                        minunit = n;
                        mp = ifrp;