From: Viktor Szakats <commit@vsz.me>
Date: Fri, 3 Oct 2025 22:39:11 +0000 (+0200)
Subject: tests/server: replace banned functions with `curlx_str_hex`
X-Git-Tag: rc-8_17_0-2~242
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=eaf66f18b72ee7c2c6e5e1120b70b14975dd66bd;p=thirdparty%2Fcurl.git

tests/server: replace banned functions with `curlx_str_hex`

Replace an `strtol()` and `strtoul()` call, both used in hex mode, with
`curlx_str_hex()`.

Follow-up to 45438c8d6f8e70385d66c029568524e9e803c539 #18823

Closes #18837
---

diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index c6536fee4a..2ae681072e 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -371,13 +371,20 @@ static void lograw(unsigned char *buffer, ssize_t len)
 static bool read_data_block(unsigned char *buffer, ssize_t maxlen,
                             ssize_t *buffer_len)
 {
+  curl_off_t value;
+  const char *endp;
+
   if(!read_stdin(buffer, 5))
     return FALSE;
 
   buffer[5] = '\0';
 
-  /* !checksrc! disable BANNEDFUNC 1 */
-  *buffer_len = (ssize_t)strtol((char *)buffer, NULL, 16);
+  endp = (char *)buffer;
+  if(curlx_str_hex(&endp, &value, 0xfffff)) {
+    logmsg("Failed to decode buffer size");
+    return FALSE;
+  }
+  *buffer_len = (ssize_t)value;
   if(*buffer_len > maxlen) {
     logmsg("Buffer size (%zd bytes) too small for data size error "
            "(%zd bytes)", maxlen, *buffer_len);
diff --git a/tests/server/sws.c b/tests/server/sws.c
index 20d2bf7632..32e82891fe 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -413,7 +413,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
         static char doc[MAXDOCNAMELEN];
         if(sscanf(req->reqbuf, "CONNECT %" MAXDOCNAMELEN_TXT "s HTTP/%d.%d",
                   doc, &prot_major, &prot_minor) == 3) {
-          char *portp = NULL;
+          const char *portp = NULL;
 
           logmsg("Received a CONNECT %s HTTP/%d.%d request",
                  doc, prot_major, prot_minor);
@@ -424,15 +424,13 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
             req->open = FALSE; /* HTTP 1.0 closes connection by default */
 
           if(doc[0] == '[') {
-            char *p = &doc[1];
-            unsigned long part = 0;
+            const char *p = &doc[1];
+            curl_off_t part = 0;
             /* scan through the hexgroups and store the value of the last group
                in the 'part' variable and use as test case number!! */
             while(*p && (ISXDIGIT(*p) || (*p == ':') || (*p == '.'))) {
-              char *endp;
-              /* !checksrc! disable BANNEDFUNC 1 */
-              part = strtoul(p, &endp, 16);
-              if(ISXDIGIT(*p))
+              const char *endp = p;
+              if(!curlx_str_hex(&endp, &part, 0xffff))
                 p = endp;
               else
                 p++;
@@ -444,7 +442,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
             else
               portp = p + 1;
 
-            req->testno = part;
+            req->testno = (long)part;
           }
           else
             portp = strchr(doc, ':');