From: Frank Lichtenheld <frank@lichtenheld.com>
Date: Thu, 11 Sep 2025 20:15:00 +0000 (+0200)
Subject: options: Factor out usages of strtoll and atoll
X-Git-Tag: v2.7_beta2~30
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=10c42c7407ccc467f75e25f752275e412ff35a91;p=thirdparty%2Fopenvpn.git

options: Factor out usages of strtoll and atoll

This covers the cases where we actually want to
allow numbers > 2^31

Change-Id: I454126b3f8fa9d14501f6c4b1ed9ce7b2904be61
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: MaxF <max@max-fillinger.net>
URL: https://gerrit.openvpn.net/c/openvpn/+/1154
Message-Id: <20250911201505.25582-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32858.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 18cc1d9b3..ae285d92e 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -7193,8 +7193,7 @@ add_option(struct options *options, char *p[], bool is_inline, const char *file,
         options->inactivity_timeout = positive_atoi(p[1], msglevel);
         if (p[2])
         {
-            int64_t val = atoll(p[2]);
-            options->inactivity_minimum_bytes = (val < 0) ? 0 : val;
+            positive_atoll(p[2], &options->inactivity_minimum_bytes, p[0], msglevel);
             if (options->inactivity_minimum_bytes > INT_MAX)
             {
                 msg(M_WARN,
@@ -9545,26 +9544,18 @@ add_option(struct options *options, char *p[], bool is_inline, const char *file,
     else if (streq(p[0], "reneg-bytes") && p[1] && !p[2])
     {
         VERIFY_PERMISSION(OPT_P_TLS_PARMS);
-        char *end;
-        long long reneg_bytes = strtoll(p[1], &end, 10);
-        if (*end != '\0' || reneg_bytes < 0)
+        if (!positive_atoll(p[1], &options->renegotiate_bytes, p[0], msglevel))
         {
-            msg(msglevel, "--reneg-bytes parameter must be an integer and >= 0");
             goto err;
         }
-        options->renegotiate_bytes = reneg_bytes;
     }
     else if (streq(p[0], "reneg-pkts") && p[1] && !p[2])
     {
         VERIFY_PERMISSION(OPT_P_TLS_PARMS);
-        char *end;
-        long long pkt_max = strtoll(p[1], &end, 10);
-        if (*end != '\0' || pkt_max < 0)
+        if (!positive_atoll(p[1], &options->renegotiate_packets, p[0], msglevel))
         {
-            msg(msglevel, "--reneg-pkts parameter must be an integer and >= 0");
             goto err;
         }
-        options->renegotiate_packets = pkt_max;
     }
     else if (streq(p[0], "reneg-sec") && p[1] && !p[3])
     {
diff --git a/src/openvpn/options_util.c b/src/openvpn/options_util.c
index 28f1f9e21..5740ee5a3 100644
--- a/src/openvpn/options_util.c
+++ b/src/openvpn/options_util.c
@@ -131,6 +131,22 @@ positive_atoi(const char *str, int msglevel)
     return (int)i;
 }
 
+bool
+positive_atoll(const char *str, int64_t *value, const char *name, int msglevel)
+{
+    char *endptr;
+    long long ll = strtoll(str, &endptr, 10);
+
+    if (ll < 0 || *endptr != '\0')
+    {
+        msg(msglevel, "%s: Cannot parse '%s' as non-negative integer", name, str);
+        return false;
+    }
+
+    *value = (int64_t)ll;
+    return true;
+}
+
 int
 atoi_warn(const char *str, int msglevel)
 {
diff --git a/src/openvpn/options_util.h b/src/openvpn/options_util.h
index 9eca7b6fd..45417d9e5 100644
--- a/src/openvpn/options_util.h
+++ b/src/openvpn/options_util.h
@@ -39,6 +39,17 @@ bool valid_integer(const char *str, bool positive);
  */
 int positive_atoi(const char *str, int msglevel);
 
+/**
+ * Converts a str to an integer if the string can be represented as an
+ * integer number and is >= 0.
+ * The integer is stored in \p value.
+ * On error, print a warning with \p msglevel using \p name. \p value is
+ * not changed on error.
+ *
+ * @return \c true if the integer has been parsed and stored in value, \c false otherwise
+ */
+bool positive_atoll(const char *str, int64_t *value, const char *name, int msglevel);
+
 /**
  * Converts a str to an integer if the string can be represented as an
  * integer number. Otherwise print a warning with \p msglevel and return 0
diff --git a/tests/unit_tests/openvpn/test_misc.c b/tests/unit_tests/openvpn/test_misc.c
index c3f80dc74..93e2460af 100644
--- a/tests/unit_tests/openvpn/test_misc.c
+++ b/tests/unit_tests/openvpn/test_misc.c
@@ -359,6 +359,17 @@ test_atoi_variants(void **state)
     assert_true(atoi_constrained("-1194", &parameter, "test", INT_MIN, INT_MAX, msglevel));
     assert_int_equal(parameter, -1194);
 
+    int64_t parameter64 = 0;
+    assert_true(positive_atoll("1234", &parameter64, "test", msglevel));
+    assert_int_equal(parameter64, 1234);
+    assert_true(positive_atoll("0", &parameter64, "test", msglevel));
+    assert_int_equal(parameter64, 0);
+    assert_true(positive_atoll("2147483653", &parameter64, "test", msglevel));
+    assert_int_equal(parameter64, 2147483653);
+    /* overflow gets capped to LLONG_MAX */
+    assert_true(positive_atoll("9223372036854775810", &parameter64, "test", msglevel));
+    assert_int_equal(parameter64, 9223372036854775807);
+
     CLEAR(mock_msg_buf);
     assert_int_equal(positive_atoi("-1234", msglevel), 0);
     assert_string_equal(mock_msg_buf, "Cannot parse argument '-1234' as non-negative integer");