MEDIUM: server: Tighten up parsing of weight string

Detect:
* Empty weight string, including no digits before '%' in relative
  weight string
* Trailing garbage, including between the last integer and '%'
  in relative weights

The motivation for this is to allow the weight string to be safely
logged if successfully parsed by this function

Signed-off-by: Simon Horman <horms@verge.net.au>

diff --git a/src/server.c b/src/server.c
index 4c1762f425019c40f41a65ca674fda4db66d33a5..98a9fbe9c78bc7b37bf14375e2f6a9e26fe966a1 100644 (file)
--- a/src/server.c
+++ b/src/server.c
@@ -164,7 +164,8 @@ const char *server_parse_weight_change_request(struct server *sv,
                                               const char *weight_str)
 {
        struct proxy *px;
-       int w;
+       long int w;
+       char *end;
 
        px = sv->proxy;
 
@@ -174,8 +175,10 @@ const char *server_parse_weight_change_request(struct server *sv,
        if (!*weight_str)
                return "Require <weight> or <weight%>.\n";
 
-       w = atoi(weight_str);
-       if (strchr(weight_str, '%') != NULL) {
+       w = strtol(weight_str, &end, 10);
+       if (end == weight_str)
+               return "Empty weight string empty or preceded by garbage";
+       else if (end[0] == '%' && end[1] == '\0') {
                if (w < 0)
                        return "Relative weight must be positive.\n";
                /* Avoid integer overflow */
@@ -187,6 +190,8 @@ const char *server_parse_weight_change_request(struct server *sv,
        }
        else if (w < 0 || w > 256)
                return "Absolute weight can only be between 0 and 256 inclusive.\n";
+       else if (end[0] != '\0')
+               return "Trailing garbage in weight string";
 
        if (w && w != sv->iweight && !(px->lbprm.algo & BE_LB_PROP_DYN))
                return "Backend is using a static LB algorithm and only accepts weights '0%' and '100%'.\n";