Check the user where possible. I've looked for 'user' in ipmitool
manpage to find the occurences, I hope I got all of them.
Signed-off-by: Jan Safranek <jsafr...@redhat.com>
---
include/ipmitool/helper.h | 2 ++
lib/helper.c | 17 +++++++++++++++++
lib/ipmi_channel.c | 7 +++++--
lib/ipmi_sol.c | 3 ++-
lib/ipmi_sunoem.c | 6 ++++--
lib/ipmi_user.c | 45 ++++++++++++++-------------------------------
6 files changed, 44 insertions(+), 36 deletions(-)
diff --git a/include/ipmitool/helper.h b/include/ipmitool/helper.h
index 031da22..b586ec3 100644
--- a/include/ipmitool/helper.h
+++ b/include/ipmitool/helper.h
@@ -77,6 +77,8 @@ uint8_t ipmi_csum(uint8_t * d, int s);
FILE * ipmi_open_file(const char * file, int rw);
void ipmi_start_daemon(struct ipmi_intf *intf);
+int parse_user(const char *arg, uint8_t *user);
+
#define ipmi_open_file_read(file) ipmi_open_file(file, 0)
#define ipmi_open_file_write(file) ipmi_open_file(file, 1)
diff --git a/lib/helper.c b/lib/helper.c
index 3109dfe..db2884d 100644
--- a/lib/helper.c
+++ b/lib/helper.c
@@ -438,3 +438,20 @@ ipmi_start_daemon(struct ipmi_intf *intf)
dup(0);
dup(0);
}
+
+int parse_user(const char *arg, uint8_t *user)
+{
+ char *end;
+ unsigned long val;
+
+ errno = 0;
+ val = strtoul(arg, &end, 0);
+ /* User ID is 6-bit integer, value 0 is reserved. */
+ if (errno != 0 || *end != '\0' || val > 0x3f || val == 0) {
+ lprintf(LOG_ERR, "Invalid user: %s\n", arg);
+ return -1;
+ }
+
+ *user = val;
+ return 0;
+}
diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c
index 4acdae7..0920162 100644
--- a/lib/ipmi_channel.c
+++ b/lib/ipmi_channel.c
@@ -452,7 +452,9 @@ ipmi_set_user_access(struct ipmi_intf * intf, int argc,
char ** argv)
}
channel = (uint8_t)strtol(argv[0], NULL, 0);
- userid = (uint8_t)strtol(argv[1], NULL, 0);
+
+ if (parse_user(argv[1], &userid) != 0)
+ return -1;
memset(&req, 0, sizeof(req));
req.msg.netfn = IPMI_NETFN_APP;
@@ -821,7 +823,8 @@ ipmi_channel_main(struct ipmi_intf * intf, int argc, char
** argv)
uint8_t ch = (uint8_t)strtol(argv[1], NULL, 0);
uint8_t id = 0;
if (argc == 3)
- id = (uint8_t)strtol(argv[2], NULL, 0);
+ if (parse_user(argv[2], &id) != 0)
+ return -1;
retval = ipmi_get_user_access(intf, ch, id);
}
}
diff --git a/lib/ipmi_sol.c b/lib/ipmi_sol.c
index c2689a6..c829395 100644
--- a/lib/ipmi_sol.c
+++ b/lib/ipmi_sol.c
@@ -1957,7 +1957,8 @@ ipmi_sol_main(struct ipmi_intf * intf, int argc, char **
argv)
}
if (argc == 4)
{
- userid = (uint8_t)strtol(argv[3], NULL, 0);
+ if (parse_user(argv[3], &userid) != 0)
+ return -1;
}
if (!strncmp(argv[1], "enable", 6))
diff --git a/lib/ipmi_sunoem.c b/lib/ipmi_sunoem.c
index acc1720..566451c 100644
--- a/lib/ipmi_sunoem.c
+++ b/lib/ipmi_sunoem.c
@@ -831,7 +831,8 @@ ipmi_sunoem_main(struct ipmi_intf * intf, int argc, char **
argv)
ipmi_sunoem_usage();
return -1;
}
- uid = (uint8_t)strtoul(argv[2], NULL, 0);
+ if (parse_user(argv[2], &uid) != 0)
+ return -1;
rc = ipmi_sunoem_sshkey_del(intf, uid);
}
else if (strncmp(argv[1], "set", 3) == 0) {
@@ -840,7 +841,8 @@ ipmi_sunoem_main(struct ipmi_intf * intf, int argc, char **
argv)
ipmi_sunoem_usage();
return -1;
}
- uid = (uint8_t)strtoul(argv[2], NULL, 0);
+ if (parse_user(argv[2], &uid) != 0)
+ return -1;
rc = ipmi_sunoem_sshkey_set(intf, uid, argv[3]);
}
}
diff --git a/lib/ipmi_user.c b/lib/ipmi_user.c
index 57e64b7..93ce11b 100644
--- a/lib/ipmi_user.c
+++ b/lib/ipmi_user.c
@@ -583,15 +583,10 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char **
argv)
{
char * password = NULL;
int password_length = atoi(argv[2]);
- uint8_t user_id = (uint8_t)strtol(argv[1],
- NULL,
- 0);
- if (user_id == 0)
- {
- lprintf(LOG_ERR, "Invalid user ID: %d",
user_id);
- return -1;
- }
+ uint8_t user_id;
+ if (parse_user(argv[1], &user_id) != 0)
+ return -1;
if (argc == 3)
{
@@ -642,15 +637,10 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char **
argv)
(strncmp("password", argv[1], 8) == 0))
{
char * password = NULL;
- uint8_t user_id = (uint8_t)strtol(argv[2],
- NULL,
- 0);
- if (user_id == 0)
- {
- lprintf(LOG_ERR, "Invalid user ID: %d",
user_id);
- return -1;
- }
+ uint8_t user_id;
+ if (parse_user(argv[2], &user_id) != 0)
+ return -1;
if (argc == 3)
{
@@ -715,17 +705,17 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char **
argv)
else if ((argc >= 2) &&
(strncmp("name", argv[1], 4) == 0))
{
+ uint8_t user_id;
if (argc != 4)
{
print_user_usage();
return -1;
}
+ if (parse_user(argv[2], &user_id) != 0)
+ return -1;
- retval = ipmi_user_set_username(intf,
- (uint8_t)strtol(argv[2],
- NULL,
- 0),
- argv[3]);
+
+ retval = ipmi_user_set_username(intf, user_id, argv[3]);
}
else
{
@@ -751,7 +741,8 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char **
argv)
channel = (channel & 0x0f);
}
- user_id = (uint8_t)strtol(argv[1], NULL, 0);
+ if (parse_user(argv[1], &user_id) != 0)
+ return -1;
priv_level = (uint8_t)strtol(argv[2], NULL, 0);
priv_level = (priv_level & 0x0f);
@@ -782,16 +773,8 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char **
argv)
print_user_usage();
return -1;
}
-
- user_id = (uint8_t)strtol(argv[1],
- NULL,
- 0);
- if (user_id == 0)
- {
- lprintf(LOG_ERR, "Invalid user ID: %d", user_id);
+ if (parse_user(argv[1], &user_id) != 0)
return -1;
- }
-
operation = (strncmp(argv[0], "disable", 7) == 0) ?
IPMI_PASSWORD_DISABLE_USER : IPMI_PASSWORD_ENABLE_USER;
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
