restartsquid.c

owes Thu, 17 Feb 2011 02:36:18 -0800

Revision: 5460
          http://ipcop.svn.sourceforge.net/ipcop/?rev=5460&view=rev
Author:   owes
Date:     2011-02-17 10:36:06 +0000 (Thu, 17 Feb 2011)


Log Message:
-----------
Fix handling of long/broken/empty/etc. IPsec config lines.

Modified Paths:
--------------
    ipcop/trunk/src/misc-progs/restartsquid.c

Modified: ipcop/trunk/src/misc-progs/restartsquid.c
===================================================================
--- ipcop/trunk/src/misc-progs/restartsquid.c   2011-02-17 10:27:21 UTC (rev 
5459)
+++ ipcop/trunk/src/misc-progs/restartsquid.c   2011-02-17 10:36:06 UTC (rev 
5460)
@@ -70,7 +70,7 @@
     FILE *file = NULL;
     char *conn_enabled;
     char buffer[STRING_SIZE];
-    char s[STRING_SIZE];
+    char s[STRING_SIZE_LARGE];
 
     if (!setdirectipsec_green && !setdirectipsec_blue)
         return;                 /* nothing to do */
@@ -79,10 +79,17 @@
         fprintf(stderr, "Couldn't open IPsec config file");
         return;                 /* error! exit or return? */
     }
-    /* WARNING: empty lines or comment not handled */
-    while (fgets(s, STRING_SIZE, file) != NULL) {
-        if (s[strlen(s) - 1] == '\n')
+
+    while (fgets(s, STRING_SIZE_LARGE, file) != NULL) {
+        /* Line should contain 25+ comma seperated fields */
+        if (strlen(s) < 25) {
+            verbose_printf(2, "Bad (empty?) configline\n");
+            continue;
+        }
+        if (s[strlen(s) - 1] == '\n') {
             s[strlen(s) - 1] = '\0';
+        }
+
         running = strdup(s);
         result = strsep(&running, ",");
         count = 0;
@@ -103,10 +110,18 @@
             result = strsep(&running, ",");
         }
 
+        if (name == NULL) {
+            verbose_printf(2, "Bad (empty?) configline\n");
+            continue;
+        }
         if (strspn(name, LETTERS_NUMBERS) != strlen(name)) {
             verbose_printf(1, "Bad connection name: %s\n", name);
             continue;
         }
+        if (count < 25) {
+            verbose_printf(2, "Bad configline, name %s count %d, %s\n", name, 
count, s);
+            continue;
+        }
 
         if (!(strcmp(type, "net") == 0)) {
             verbose_printf(2, "Skip (no net-net) connection name: %s\n", name);


This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.

------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Ipcop-svn mailing list
Ipcop-svn@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-svn

[Ipcop-svn] SF.net SVN: ipcop:[5460] ipcop/trunk/src/misc-progs/restartsquid.c

Reply via email to