diff options
author | Nick Mathewson <nickm@torproject.org> | 2004-10-12 19:01:53 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2004-10-12 19:01:53 +0000 |
commit | e7241044e8f582a61c63d462fbbd1e3b593505ce (patch) | |
tree | d060900a7b1d6eb96fc5da0d4b825adb711b1a7a /src/or/routerparse.c | |
parent | e8748b3fa0973fdd46b60d2b5a1b38d035de1643 (diff) | |
download | tor-e7241044e8f582a61c63d462fbbd1e3b593505ce.tar tor-e7241044e8f582a61c63d462fbbd1e3b593505ce.tar.gz |
Better bounds checking on parsed ints
svn:r2450
Diffstat (limited to 'src/or/routerparse.c')
-rw-r--r-- | src/or/routerparse.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 4ae222245..b97390931 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1053,6 +1053,10 @@ router_parse_exit_policy(directory_token_t *tok) { bits = (int) strtol(mask, &endptr, 10); if (!*endptr) { /* strtol handled the whole mask. */ + if (bits < 0 || bits > 32) { + log_fn(LOG_WARN, "Bad number of mask bits on exit policy; rejecting."); + goto policy_read_failed; + } newe->msk = ~((1<<(32-bits))-1); } else if (tor_inet_aton(mask, &in) != 0) { newe->msk = ntohl(in.s_addr); @@ -1083,6 +1087,10 @@ router_parse_exit_policy(directory_token_t *tok) { } else { newe->prt_max = newe->prt_min; } + if (newe->prt_min > newe->prt_max) { + log_fn(LOG_WARN,"Insane port range on exit policy; rejecting."); + goto policy_read_failed; + } } in.s_addr = htonl(newe->addr); |