From: deraadt@openbsd.org <deraadt@openbsd.org>
Date: Tue, 2 Apr 2024 09:29:31 +0000 (+0000)
Subject: upstream: Use strtonum() instead of severely non-idomatic
X-Git-Tag: V_9_8_P1~125
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=019a5f483b0f588da6270ec401d0b4bb35032f3f;p=thirdparty%2Fopenssh-portable.git

upstream: Use strtonum() instead of severely non-idomatic

strtoul() In particular this will now reject trailing garbage, ie.
'12garbage'. ok djm

OpenBSD-Commit-ID: c82d95e3ccbfedfc91a8041c2f8bf0cf987d1501
---

diff --git a/addr.c b/addr.c
index fa8c66922..0e7cb1df3 100644
--- a/addr.c
+++ b/addr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: addr.c,v 1.7 2023/03/27 03:31:05 djm Exp $ */
+/* $OpenBSD: addr.c,v 1.8 2024/04/02 09:29:31 deraadt Exp $ */
 
 /*
  * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -27,6 +27,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <stdio.h>
+#include <limits.h>
 
 #include "addr.h"
 
@@ -457,8 +458,9 @@ int
 addr_pton_cidr(const char *p, struct xaddr *n, u_int *l)
 {
 	struct xaddr tmp;
-	long unsigned int masklen = 999;
-	char addrbuf[64], *mp, *cp;
+	u_int masklen = 999;
+	char addrbuf[64], *mp;
+	const char *errstr;
 
 	/* Don't modify argument */
 	if (p == NULL || strlcpy(addrbuf, p, sizeof(addrbuf)) >= sizeof(addrbuf))
@@ -467,8 +469,8 @@ addr_pton_cidr(const char *p, struct xaddr *n, u_int *l)
 	if ((mp = strchr(addrbuf, '/')) != NULL) {
 		*mp = '\0';
 		mp++;
-		masklen = strtoul(mp, &cp, 10);
-		if (*mp < '0' || *mp > '9' || *cp != '\0' || masklen > 128)
+		masklen = (u_int)strtonum(mp, 0, INT_MAX, &errstr);
+		if (errstr)
 			return -1;
 	}