(This will be used by libxt_tos, libxt_TOS and more to come.)
===Patch begins here===
Introduce bound_strtou(), which works like string_to_number_ll(),
but updates ("passes back") the 'end' pointer. It is useful where
you want to do boundary checking yet work with strings that are
not entirely numbers recognized by strtoul(), e.g.:
s = "1/2";
if (!strtoul_bound(s, &end, &value, 0, 5))
error("Zero-length string, or value out of bounds");
if (*end != '/')
error("Malformed string");
info->param1 = value;
if (!strtoul_bound(end + 1, &end, &value, 2, 4))
error("..");
if (*end != '\0')
error("Malformed string");
info->param2 = value;
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
---
include/xtables.h | 5 +++++
xtables.c | 33 +++++++++++++++++++++++++++++++++
2 files changed, 38 insertions(+)
Index: iptables-modules/include/xtables.h
===================================================================
--- iptables-modules.orig/include/xtables.h
+++ iptables-modules/include/xtables.h
@@ -2,6 +2,7 @@
#define _XTABLES_H
#include <sys/types.h>
+#include <stdbool.h>
#include <linux/netfilter/x_tables.h>
#include <libiptc/libxtc.h>
@@ -205,6 +206,10 @@ extern int string_to_number(const char *
unsigned int min,
unsigned int max,
unsigned int *ret);
+extern bool bound_strtoul(const char *, char **, unsigned long *,
+ unsigned long, unsigned long);
+extern bool bound_strtou(const char *, char **, unsigned int *,
+ unsigned int, unsigned int);
extern int service_to_port(const char *name, const char *proto);
extern u_int16_t parse_port(const char *port, const char *proto);
extern void
Index: iptables-modules/xtables.c
===================================================================
--- iptables-modules.orig/xtables.c
+++ iptables-modules/xtables.c
@@ -20,6 +20,7 @@
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -196,6 +197,38 @@ int string_to_number(const char *s, unsi
return result;
}
+bool bound_strtoul(const char *s, char **end, unsigned long *value,
+ unsigned long min, unsigned long max)
+{
+ unsigned long v;
+
+ errno = 0;
+ v = strtoul(s, end, 0);
+
+ if (*end == s)
+ return false;
+
+ if (errno != ERANGE && min <= v && (max == 0 || v <= max)) {
+ if (value != NULL)
+ *value = v;
+ return true;
+ }
+
+ return false;
+}
+
+bool bound_strtou(const char *s, char **end, unsigned int *value,
+ unsigned int min, unsigned int max)
+{
+ unsigned long v;
+ bool ret;
+
+ ret = bound_strtoul(s, end, &v, min, max);
+ if (ret && value != NULL)
+ *value = v;
+ return ret;
+}
+
int service_to_port(const char *name, const char *proto)
{
struct servent *service;
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
