Bug 3845: http_port tcpkeepalive= option fails parsing

The stricter xato*() parsing bounds checks are halting on the ','
delimiters. Fix this by adding an optional end-of-value parameter to the
relevant parse functions and sending the delimiter in.

This fix makes xatoui() and xatoll() more friendly to parsing
unterminated strings.

previous to this fix the latter two values of tcpkeepalive= were
undocumented optional. This makes Squid enforce the documented format
where all three values are required if any is set.

diff --git a/src/Parsing.cc b/src/Parsing.cc
index 2ed440b1f0deceb73cef919582bcb29e1b1ba0db..1a764878d9eb69c1616c5532ecd885108259f3eb 100644 (file)
--- a/src/Parsing.cc
+++ b/src/Parsing.cc
@@ -75,9 +75,9 @@ xatoi(const char *token)
 }
 
 unsigned int
-xatoui(const char *token)
+xatoui(const char *token, char eov)
 {
-    int64_t input = xatoll(token, 10);
+    int64_t input = xatoll(token, 10, eov);
     if (input < 0) {
         debugs(0, DBG_PARSE_NOTE(DBG_IMPORTANT), "ERROR: The input value '" << token << "' cannot be less than 0.");
         self_destruct();
@@ -107,7 +107,7 @@ xatol(const char *token)
 }
 
 int64_t
-xatoll(const char *token, int base)
+xatoll(const char *token, int base, char eov)
 {
     char *end = NULL;
     int64_t ret = strtoll(token, &end, base);
@@ -117,7 +117,7 @@ xatoll(const char *token, int base)
         self_destruct();
     }
 
-    if (*end) {
+    if (*end != eov) {
         debugs(0, DBG_PARSE_NOTE(DBG_IMPORTANT), "ERROR: Invalid value: '" << token << "' is supposed to be a number.");
         self_destruct();
     }

diff --git a/src/Parsing.h b/src/Parsing.h
index 4f9aa075f5d50d39f9b23c5121c251d90fdfd7d8..36ec21e7523924f9c74e137987df9188077b7627 100644 (file)
--- a/src/Parsing.h
+++ b/src/Parsing.h
@@ -38,9 +38,9 @@
 
 double xatof(const char *token);
 int xatoi(const char *token);
-unsigned int xatoui(const char *token);
+unsigned int xatoui(const char *token, char eov = '\0');
 long xatol(const char *token);
-int64_t xatoll(const char *token, int base);
+int64_t xatoll(const char *token, int base, char eov = '\0');
 unsigned short xatos(const char *token);
 
 /**

diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index 9485c8eca2500bfe3db8711b7560f807d19201ee..75f54dfd1242e5844ecba4648e65c9bdf9f424cb 100644 (file)
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -3699,17 +3699,16 @@ parse_port_option(AnyP::PortCfg * s, char *token)
     } else if (strncmp(token, "tcpkeepalive=", 13) == 0) {
         char *t = token + 13;
         s->tcp_keepalive.enabled = true;
-        s->tcp_keepalive.idle = xatoui(t);
+        s->tcp_keepalive.idle = xatoui(t,',');
         t = strchr(t, ',');
         if (t) {
             ++t;
-            s->tcp_keepalive.interval = xatoui(t);
+            s->tcp_keepalive.interval = xatoui(t,',');
             t = strchr(t, ',');
         }
         if (t) {
             ++t;
             s->tcp_keepalive.timeout = xatoui(t);
-            // t = strchr(t, ','); // not really needed, left in as documentation
         }
 #if USE_SSL
     } else if (strcmp(token, "sslBump") == 0) {