From: Victor Julien
Date: Mon, 27 Apr 2020 06:17:51 +0000 (+0200)
Subject: datasets: reputation value validation
X-Git-Tag: suricata-5.0.3~22
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a79cf9ca2eac22acac253ee495a6062fa53ac06d;p=thirdparty%2Fsuricata.git
datasets: reputation value validation
---
diff --git a/src/datasets.c b/src/datasets.c
index c18ef449f6..bd5f127624 100644
--- a/src/datasets.c
+++ b/src/datasets.c
@@ -32,6 +32,7 @@
 #include "util-print.h"
 #include "util-crypt.h" // encode base64
 #include "util-base64.h" // decode base64
+#include "util-byte.h"
 SCMutex sets_lock = SCMUTEX_INITIALIZER;
 static Dataset *sets = NULL;
@@ -138,14 +139,16 @@ static int ParseRepLine(const char *in, size_t ins, DataRepType *rep_out)
 return -1;
 }
- int v = atoi(ptrs[0]);
- if (v < 0 || v > USHRT_MAX) {
- SCLogDebug("v %d", v);
+ uint64_t v = 0;
+ size_t r = ByteExtractString(&v, 10, strlen(ptrs[0]), ptrs[0]);
+ if (r != strlen(ptrs[0]) || v > (uint64_t)USHRT_MAX) {
+ SCLogError(SC_ERR_INVALID_NUMERIC_VALUE,
+ "'%s' is not a valid reputation value (0-65535)", ptrs[0]);
 return -1;
 }
- SCLogDebug("v %d raw %s", v, ptrs[0]);
+ SCLogDebug("v %"PRIu64" raw %s", v, ptrs[0]);
- rep_out->value = v;
+ rep_out->value = (uint16_t)v;
 return 0;
 }
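Review bot: In the added parse of `ptrs[0]`, the result of `ByteExtractString` is stored in `size_t r`, so a failed parse is rejected only indirectly through `r != strlen(ptrs[0])`; the declaration is not visible in this diff, but if the function reports failure with a negative int, the check holds only because that value wraps to something no string length can equal. Keeping the signed result and testing it explicitly makes the validation readable and drops the second `strlen` call: `size_t len = strlen(ptrs[0]);`, `int r = ByteExtractString(&v, 10, len, ptrs[0]);`, `if (r <= 0 || (size_t)r != len || v > (uint64_t)USHRT_MAX) {`. It is also worth confirming that the function's length parameter is wide enough for `len`, and whether the parser tolerates a leading sign or whitespace, since dataset files are external input and the error message documents the range as 0-65535. `ParseRepLine` begins before the hunk, so how `ptrs[0]` is bounded and terminated cannot be seen here.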