mirror of
https://github.com/Tha14/toxic.git
synced 2024-11-23 02:23:02 +01:00
Replace instances of unsafe atoi function with safe counterpart
This commit is contained in:
parent
ffcc804efe
commit
f295352495
@ -45,9 +45,9 @@ void cmd_cancelfile(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*ar
|
|||||||
|
|
||||||
char msg[MAX_STR_SIZE];
|
char msg[MAX_STR_SIZE];
|
||||||
const char *inoutstr = argv[1];
|
const char *inoutstr = argv[1];
|
||||||
int idx = atoi(argv[2]);
|
long int idx = strtol(argv[2], NULL, 10);
|
||||||
|
|
||||||
if (idx >= MAX_FILES || idx < 0) {
|
if ((idx == 0 && strcmp(argv[2], "0")) || idx >= MAX_FILES || idx < 0) {
|
||||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "Invalid file ID.");
|
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "Invalid file ID.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -85,9 +85,9 @@ void cmd_groupinvite(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*a
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
int groupnum = atoi(argv[1]);
|
long int groupnum = strtol(argv[1], NULL, 10);
|
||||||
|
|
||||||
if (groupnum == 0 && strcmp(argv[1], "0")) { /* atoi returns 0 value on invalid input */
|
if ((groupnum == 0 && strcmp(argv[1], "0")) || groupnum < 0 || groupnum == LONG_MAX) {
|
||||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "Invalid group number.");
|
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "Invalid group number.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -146,9 +146,9 @@ void cmd_savefile(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
int idx = atoi(argv[1]);
|
long int idx = strtol(argv[1], NULL, 10);
|
||||||
|
|
||||||
if ((idx == 0 && strcmp(argv[1], "0")) || idx >= MAX_FILES) {
|
if ((idx == 0 && strcmp(argv[1], "0")) || idx < 0 || idx >= MAX_FILES) {
|
||||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "No pending file transfers with that ID.");
|
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "No pending file transfers with that ID.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -50,9 +50,9 @@ void cmd_accept(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv)[
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
int req = atoi(argv[1]);
|
long int req = strtol(argv[1], NULL, 10);
|
||||||
|
|
||||||
if ((req == 0 && strcmp(argv[1], "0")) || req < 0 || req > MAX_FRIEND_REQUESTS) {
|
if ((req == 0 && strcmp(argv[1], "0")) || req < 0 || req >= MAX_FRIEND_REQUESTS) {
|
||||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "No pending friend request with that ID.");
|
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "No pending friend request with that ID.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -248,10 +248,12 @@ void cmd_connect(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
const char *ip = argv[1];
|
const char *ip = argv[1];
|
||||||
const char *port = argv[2];
|
const char *port_str = argv[2];
|
||||||
const char *ascii_key = argv[3];
|
const char *ascii_key = argv[3];
|
||||||
|
|
||||||
if (atoi(port) == 0) {
|
long int port = strtol(port_str, NULL, 10);
|
||||||
|
|
||||||
|
if (port <= 0 || port > MAX_PORT_RANGE) {
|
||||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "Invalid port.");
|
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "Invalid port.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -263,8 +265,8 @@ void cmd_connect(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
TOX_ERR_BOOTSTRAP err;
|
TOX_ERR_BOOTSTRAP err;
|
||||||
tox_bootstrap(m, ip, atoi(port), (uint8_t *) key_binary, &err);
|
tox_bootstrap(m, ip, port, (uint8_t *) key_binary, &err);
|
||||||
tox_add_tcp_relay(m, ip, atoi(port), (uint8_t *) key_binary, &err);
|
tox_add_tcp_relay(m, ip, port, (uint8_t *) key_binary, &err);
|
||||||
|
|
||||||
switch (err) {
|
switch (err) {
|
||||||
case TOX_ERR_BOOTSTRAP_BAD_HOST:
|
case TOX_ERR_BOOTSTRAP_BAD_HOST:
|
||||||
@ -290,9 +292,9 @@ void cmd_decline(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
int req = atoi(argv[1]);
|
long int req = strtol(argv[1], NULL, 10);
|
||||||
|
|
||||||
if ((req == 0 && strcmp(argv[1], "0")) || req < 0 || req > MAX_FRIEND_REQUESTS) {
|
if ((req == 0 && strcmp(argv[1], "0")) || req < 0 || req >= MAX_FRIEND_REQUESTS) {
|
||||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "No pending friend request with that ID.");
|
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, "No pending friend request with that ID.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
33
src/toxic.c
33
src/toxic.c
@ -299,10 +299,15 @@ static int load_nodelist(const char *filename)
|
|||||||
|
|
||||||
if (line_len >= MIN_NODE_LINE && line_len <= MAX_NODE_LINE) {
|
if (line_len >= MIN_NODE_LINE && line_len <= MAX_NODE_LINE) {
|
||||||
const char *name = strtok(line, " ");
|
const char *name = strtok(line, " ");
|
||||||
const char *port = strtok(NULL, " ");
|
const char *port_str = strtok(NULL, " ");
|
||||||
const char *key_ascii = strtok(NULL, " ");
|
const char *key_ascii = strtok(NULL, " ");
|
||||||
|
|
||||||
if (name == NULL || port == NULL || key_ascii == NULL)
|
if (name == NULL || port_str == NULL || key_ascii == NULL)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
long int port = strtol(port_str, NULL, 10);
|
||||||
|
|
||||||
|
if (port <= 0 || port > MAX_PORT_RANGE)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
size_t key_len = strlen(key_ascii);
|
size_t key_len = strlen(key_ascii);
|
||||||
@ -313,7 +318,7 @@ static int load_nodelist(const char *filename)
|
|||||||
|
|
||||||
snprintf(toxNodes.nodes[toxNodes.lines], sizeof(toxNodes.nodes[toxNodes.lines]), "%s", name);
|
snprintf(toxNodes.nodes[toxNodes.lines], sizeof(toxNodes.nodes[toxNodes.lines]), "%s", name);
|
||||||
toxNodes.nodes[toxNodes.lines][NODELEN - 1] = 0;
|
toxNodes.nodes[toxNodes.lines][NODELEN - 1] = 0;
|
||||||
toxNodes.ports[toxNodes.lines] = atoi(port);
|
toxNodes.ports[toxNodes.lines] = port;
|
||||||
|
|
||||||
/* remove possible trailing newline from key string */
|
/* remove possible trailing newline from key string */
|
||||||
char real_ascii_key[TOX_PUBLIC_KEY_SIZE * 2 + 1];
|
char real_ascii_key[TOX_PUBLIC_KEY_SIZE * 2 + 1];
|
||||||
@ -938,6 +943,7 @@ static void parse_args(int argc, char *argv[])
|
|||||||
|
|
||||||
const char *opts_str = "4bdehotuxc:f:n:r:p:P:T:";
|
const char *opts_str = "4bdehotuxc:f:n:r:p:P:T:";
|
||||||
int opt, indexptr;
|
int opt, indexptr;
|
||||||
|
long int port = 0;
|
||||||
|
|
||||||
while ((opt = getopt_long(argc, argv, opts_str, long_opts, &indexptr)) != -1) {
|
while ((opt = getopt_long(argc, argv, opts_str, long_opts, &indexptr)) != -1) {
|
||||||
switch (opt) {
|
switch (opt) {
|
||||||
@ -1014,7 +1020,12 @@ static void parse_args(int argc, char *argv[])
|
|||||||
if (++optind > argc || argv[optind-1][0] == '-')
|
if (++optind > argc || argv[optind-1][0] == '-')
|
||||||
exit_toxic_err("Proxy error", FATALERR_PROXY);
|
exit_toxic_err("Proxy error", FATALERR_PROXY);
|
||||||
|
|
||||||
arg_opts.proxy_port = (uint16_t) atoi(argv[optind-1]);
|
port = strtol(argv[optind-1], NULL, 10);
|
||||||
|
|
||||||
|
if (port <= 0 || port > MAX_PORT_RANGE)
|
||||||
|
exit_toxic_err("Proxy error", FATALERR_PROXY);
|
||||||
|
|
||||||
|
arg_opts.proxy_port = port;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'P':
|
case 'P':
|
||||||
@ -1024,7 +1035,12 @@ static void parse_args(int argc, char *argv[])
|
|||||||
if (++optind > argc || argv[optind-1][0] == '-')
|
if (++optind > argc || argv[optind-1][0] == '-')
|
||||||
exit_toxic_err("Proxy error", FATALERR_PROXY);
|
exit_toxic_err("Proxy error", FATALERR_PROXY);
|
||||||
|
|
||||||
arg_opts.proxy_port = (uint16_t) atoi(argv[optind-1]);
|
port = strtol(argv[optind-1], NULL, 10);
|
||||||
|
|
||||||
|
if (port <= 0 || port > MAX_PORT_RANGE)
|
||||||
|
exit_toxic_err("Proxy error", FATALERR_PROXY);
|
||||||
|
|
||||||
|
arg_opts.proxy_port = port;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'r':
|
case 'r':
|
||||||
@ -1040,7 +1056,12 @@ static void parse_args(int argc, char *argv[])
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'T':
|
case 'T':
|
||||||
arg_opts.tcp_port = (uint16_t) atoi(optarg);
|
port = strtol(optarg, NULL, 10);
|
||||||
|
|
||||||
|
if (port <= 0 || port > MAX_PORT_RANGE)
|
||||||
|
port = 14191;
|
||||||
|
|
||||||
|
arg_opts.tcp_port = port;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'u':
|
case 'u':
|
||||||
|
@ -49,6 +49,10 @@
|
|||||||
#define KEY_IDENT_DIGITS 3 /* number of hex digits to display for the pub-key based identifier */
|
#define KEY_IDENT_DIGITS 3 /* number of hex digits to display for the pub-key based identifier */
|
||||||
#define TIME_STR_SIZE 32
|
#define TIME_STR_SIZE 32
|
||||||
|
|
||||||
|
#ifndef MAX_PORT_RANGE
|
||||||
|
#define MAX_PORT_RANGE 65535
|
||||||
|
#endif
|
||||||
|
|
||||||
/* ASCII key codes */
|
/* ASCII key codes */
|
||||||
#define T_KEY_ESC 0x1B /* ESC key */
|
#define T_KEY_ESC 0x1B /* ESC key */
|
||||||
#define T_KEY_KILL 0x0B /* ctrl-k */
|
#define T_KEY_KILL 0x0B /* ctrl-k */
|
||||||
|
Loading…
Reference in New Issue
Block a user