From: Dave Hart <hart@ntp.org>
Date: Wed, 10 May 2023 04:46:32 +0000 (+0000)
Subject: [Bug 3817] Bounds-check "tos floor" configuration. <hart@ntp.org>
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b039469a1218c09f8033f33f41cf5f294a496dfc;p=thirdparty%2Fntp.git

[Bug 3817] Bounds-check "tos floor" configuration. <hart@ntp.org>

bk: 645b21a8ar5gHA4eoUmU8UEI1u4Keg
---

diff --git a/ChangeLog b/ChangeLog
index 3ea4f22d3..410fc228e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,5 @@
 ---
+* [Bug 3817] Bounds-check "tos floor" configuration. <hart@ntp.org>
 * [Bug 3814] First poll delay of new or cleared associations miscalculated.
              <hart@ntp.org>
 * [Bug 3802] ntp-keygen -I default identity modulus bits too small for
diff --git a/ntpd/ntp_config.c b/ntpd/ntp_config.c
index 96e0c5dda..cf522760c 100644
--- a/ntpd/ntp_config.c
+++ b/ntpd/ntp_config.c
@@ -2232,6 +2232,8 @@ config_tos(
 	config_tree *ptree
 	)
 {
+	char const	improper_operation_msg[] = 
+				" - daemon will not operate properly!";
 	attr_val *	tos;
 	int		item;
 	double		val;
@@ -2245,9 +2247,11 @@ config_tos(
 	 * just log an error but do not stop: This might be caused by
 	 * remote config, and it might be fixed by remote config, too.
 	 */
-	int l_maxclock = sys_maxclock;
-	int l_minclock = sys_minclock;
-	int l_minsane  = sys_minsane;
+	int l_maxclock	= sys_maxclock;
+	int l_minclock	= sys_minclock;
+	int l_minsane	= sys_minsane;
+	int l_floor	= sys_floor;
+	int l_ceiling	= sys_ceiling;
 
 	/* -*- phase one: inspect / sanitize the values */
 	tos = HEAD_PFIFO(ptree->orphan_cmds);
@@ -2264,30 +2268,49 @@ config_tos(
 			val = tos->value.d;
 			if (val > 4) {
 				msyslog(LOG_WARNING,
-					"Using maximum bcpollbstep ceiling %d, %d requested",
+					"Using maximum tos bcpollbstep %d, %d requested",
 					4, (int)val);
 				tos->value.d = 4;
 			} else if (val < 0) {
 				msyslog(LOG_WARNING,
-					"Using minimum bcpollbstep floor %d, %d requested",
+					"Using minimum tos bcpollbstep %d, %d requested",
 					0, (int)val);
 				tos->value.d = 0;
 			}
 			break;
 
+		case T_Floor:
+			l_floor = (int)tos->value.d;
+			if (l_floor > STRATUM_UNSPEC - 1) {
+				msyslog(LOG_WARNING,
+					"Using maximum tos floor %d, %d requested",
+					STRATUM_UNSPEC - 1, l_floor);
+				tos->value.d = STRATUM_UNSPEC - 1;
+			}
+			else if (l_floor < 0) {
+				msyslog(LOG_WARNING,
+					"Using minimum tos floor %d, %d requested",
+					0, l_floor);
+				tos->value.d = 0;
+			}
+			l_floor = (int)tos->value.d;
+			break;
+
 		case T_Ceiling:
-			val = tos->value.d;
-			if (val > STRATUM_UNSPEC - 1) {
+			l_ceiling = (int)tos->value.d;
+			if (l_ceiling > STRATUM_UNSPEC - 1) {
 				msyslog(LOG_WARNING,
 					"Using maximum tos ceiling %d, %d requested",
-					STRATUM_UNSPEC - 1, (int)val);
+					STRATUM_UNSPEC - 1, l_ceiling);
 				tos->value.d = STRATUM_UNSPEC - 1;
-			} else if (val < 1) {
+			}
+			else if (l_ceiling < 0) {
 				msyslog(LOG_WARNING,
-					"Using minimum tos floor %d, %d requested",
-					1, (int)val);
-				tos->value.d = 1;
+					"Using minimum tos ceiling %d, %d requested",
+					0, l_ceiling);
+				tos->value.d = 0;
 			}
+			l_ceiling = (int)tos->value.d;
 			break;
 
 		case T_Minclock:
@@ -2314,10 +2337,16 @@ config_tos(
 	}
 
 	if ( ! (l_minsane < l_minclock && l_minclock <= l_maxclock)) {
-		msyslog(LOG_ERR,
-			"tos error: must have minsane (%d) < minclock (%d) <= maxclock (%d)"
-			" - daemon will not operate properly!",
-			l_minsane, l_minclock, l_maxclock);
+		msyslog(LOG_ERR, "Must have tos "
+			"minsane (%d) < minclock (%d) <= maxclock (%d)%s",
+			l_minsane, l_minclock, l_maxclock,
+			improper_operation_msg);
+	}
+
+	if (l_floor > l_ceiling) {
+		msyslog(LOG_ERR, "Must have tos "
+			"floor (%d) <= ceiling (%d)%s",
+			l_floor, l_ceiling, improper_operation_msg);
 	}
 
 	/* -*- phase two: forward the values to the protocol machinery */