On Fri, Aug 18, 2017 at 09:24:33AM -0700, Chris Cappuccio wrote:
> This looks correct. Also, there's more:
Thanks for looking and catching what I missed. It hit me a while after
I sent my original email that relayd likely has the same bug. D'oh.
Here is an updated patch for httpd, ldapd, relayd, smtpd, switchd and
ypldap, which all seem to have the off-by-one bug for port number
checking (where 65535 is unusable and called invalid, at least when
specifying it as a number). Again, I cannot build and actually test
this right now.
Cheers,
Kris Katterjohn
Index: usr.sbin/httpd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/httpd/parse.y,v
retrieving revision 1.91
diff -u -p -r1.91 parse.y
--- usr.sbin/httpd/parse.y 11 Aug 2017 18:48:56 -0000 1.91
+++ usr.sbin/httpd/parse.y 19 Aug 2017 20:15:31 -0000
@@ -1118,7 +1118,7 @@ medianamesl : numberstring
{
;
port : PORT NUMBER {
- if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
+ if ($2 <= 0 || $2 > (int)USHRT_MAX) {
yyerror("invalid port: %lld", $2);
YYERROR;
}
Index: usr.sbin/ldapd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/ldapd/parse.y,v
retrieving revision 1.24
diff -u -p -r1.24 parse.y
--- usr.sbin/ldapd/parse.y 6 Apr 2017 12:22:32 -0000 1.24
+++ usr.sbin/ldapd/parse.y 19 Aug 2017 20:15:31 -0000
@@ -161,7 +161,7 @@ port : PORT STRING {
free($2);
}
| PORT NUMBER {
- if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
+ if ($2 <= 0 || $2 > (int)USHRT_MAX) {
yyerror("invalid port: %lld", $2);
YYERROR;
}
Index: usr.sbin/relayd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.215
diff -u -p -r1.215 parse.y
--- usr.sbin/relayd/parse.y 27 May 2017 08:33:25 -0000 1.215
+++ usr.sbin/relayd/parse.y 19 Aug 2017 20:15:32 -0000
@@ -338,7 +338,7 @@ port : PORT STRING {
free($2);
}
| PORT NUMBER {
- if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
+ if ($2 <= 0 || $2 > (int)USHRT_MAX) {
yyerror("invalid port: %d", $2);
YYERROR;
}
Index: usr.sbin/smtpd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/parse.y,v
retrieving revision 1.197
diff -u -p -r1.197 parse.y
--- usr.sbin/smtpd/parse.y 11 Jul 2017 06:08:40 -0000 1.197
+++ usr.sbin/smtpd/parse.y 19 Aug 2017 20:15:33 -0000
@@ -480,7 +480,7 @@ opt_if_listen : INET4 {
}
listen_opts.options |= LO_PORT;
- if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
+ if ($2 <= 0 || $2 > (int)USHRT_MAX) {
yyerror("invalid port: %" PRId64, $2);
YYERROR;
}
Index: usr.sbin/switchd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/switchd/parse.y,v
retrieving revision 1.5
diff -u -p -r1.5 parse.y
--- usr.sbin/switchd/parse.y 6 Aug 2017 17:31:19 -0000 1.5
+++ usr.sbin/switchd/parse.y 19 Aug 2017 20:15:33 -0000
@@ -144,7 +144,7 @@ listen : LISTEN ON STRING opttls port {
;
port : PORT NUMBER {
- if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
+ if ($2 <= 0 || $2 > (int)USHRT_MAX) {
yyerror("invalid port: %lld", $2);
YYERROR;
}
Index: usr.sbin/ypldap/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/ypldap/parse.y,v
retrieving revision 1.22
diff -u -p -r1.22 parse.y
--- usr.sbin/ypldap/parse.y 30 May 2017 09:33:31 -0000 1.22
+++ usr.sbin/ypldap/parse.y 19 Aug 2017 20:15:33 -0000
@@ -171,7 +171,7 @@ port : PORT STRING
{
free($2);
}
| PORT NUMBER {
- if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
+ if ($2 <= 0 || $2 > (int)USHRT_MAX) {
yyerror("invalid port: %lld", $2);
YYERROR;
}
