client: improve parsing of keygen arguments

author Miroslav Lichvar <mlichvar@redhat.com>

Tue, 18 Aug 2020 08:22:21 +0000 (10:22 +0200)

committer Miroslav Lichvar <mlichvar@redhat.com>

Wed, 19 Aug 2020 07:39:26 +0000 (09:39 +0200)
author Miroslav Lichvar <mlichvar@redhat.com>
Tue, 18 Aug 2020 08:22:21 +0000 (10:22 +0200)
committer Miroslav Lichvar <mlichvar@redhat.com>
Wed, 19 Aug 2020 07:39:26 +0000 (09:39 +0200)
diff --git a/client.c b/client.c

index 3d238d09d21417c5b3ca7523654bb476669a4d29..35ad83ebaf65addc9fd03a436f21a651ebc15215 100644 (file)
--- a/client.c
+++ b/client.c
@@ -3167,18 +3167,27 @@ process_cmd_retries(const char *line)
  static int
  process_cmd_keygen(char *line)
  {
+  unsigned int i, args, cmac_length, length, id = 1, bits = 160;
    unsigned char key[512];
-  char type[17];
-  unsigned int i, cmac_length, length, id = 1, bits = 160;
+  const char *type;
+  char *words[3];
  
  #ifdef FEAT_SECHASH
-  snprintf(type, sizeof (type), "SHA1");
+  type = "SHA1";
  #else
-  snprintf(type, sizeof (type), "MD5");
+  type = "MD5";
  #endif
  
-  if (sscanf(line, "%u %16s %u", &id, type, &bits))
-    ;
+  args = UTI_SplitString(line, words, 3);
+  if (args >= 2)
+    type = words[1];
+
+  if (args > 3 ||
+      (args >= 1 && sscanf(words[0], "%u", &id) != 1) ||
+      (args >= 3 && sscanf(words[2], "%u", &bits) != 1)) {
+    LOG(LOGS_ERR, "Invalid syntax for keygen command");
+    return 0;
+  }
  
  #ifdef HAVE_CMAC
    cmac_length = CMC_GetKeyLength(UTI_CmacNameToAlgorithm(type));
author	Miroslav Lichvar <mlichvar@redhat.com>
	Tue, 18 Aug 2020 08:22:21 +0000 (10:22 +0200)
committer	Miroslav Lichvar <mlichvar@redhat.com>
	Wed, 19 Aug 2020 07:39:26 +0000 (09:39 +0200)