From: dtucker@openbsd.org Date: Sat, 24 May 2025 08:13:29 +0000 (+0000) Subject: upstream: Replace strncmp + byte count with strprefix in Penalty X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b12d4ab1e16f57c6c348b483b1dbdd4530aaaddd;p=thirdparty%2Fopenssh-portable.git upstream: Replace strncmp + byte count with strprefix in Penalty config parsing. ok kn@, djm@ OpenBSD-Commit-ID: 34a41bb1b9ba37fb6c7eb29a7ea909547bf02a5a --- diff --git a/servconf.c b/servconf.c index f2a540dad..14165429f 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.426 2025/05/22 04:22:03 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.427 2025/05/24 08:13:29 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2084,10 +2084,11 @@ process_server_config_line_depth(ServerOptions *options, char *line, case sPerSourcePenalties: while ((arg = argv_next(&ac, &av)) != NULL) { + const char *q = NULL; + found = 1; value = -1; value2 = 0; - p = NULL; /* Allow no/yes only in first position */ if (strcasecmp(arg, "no") == 0 || (value2 = (strcasecmp(arg, "yes") == 0))) { @@ -2100,35 +2101,28 @@ process_server_config_line_depth(ServerOptions *options, char *line, options->per_source_penalty.enabled == -1) options->per_source_penalty.enabled = value2; continue; - } else if (strncmp(arg, "crash:", 6) == 0) { - p = arg + 6; + } else if ((q = strprefix(arg, "crash:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_crash; - } else if (strncmp(arg, "authfail:", 9) == 0) { - p = arg + 9; + } else if ((q = strprefix(arg, "authfail:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_authfail; - } else if (strncmp(arg, "noauth:", 7) == 0) { - p = arg + 7; + } else if ((q = strprefix(arg, "noauth:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_noauth; - } else if (strncmp(arg, "grace-exceeded:", 15) == 0) { - p = arg + 15; + } else if ((q = strprefix(arg, "grace-exceeded:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_grace; - } else if (strncmp(arg, "refuseconnection:", 17) == 0) { - p = arg + 17; + } else if ((q = strprefix(arg, "refuseconnection:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_refuseconnection; - } else if (strncmp(arg, "max:", 4) == 0) { - p = arg + 4; + } else if ((q = strprefix(arg, "max:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_max; - } else if (strncmp(arg, "min:", 4) == 0) { - p = arg + 4; + } else if ((q = strprefix(arg, "min:", 0)) != NULL) { intptr = &options->per_source_penalty.penalty_min; - } else if (strncmp(arg, "max-sources4:", 13) == 0) { + } else if ((q = strprefix(arg, "max-sources4:", 0)) != NULL) { intptr = &options->per_source_penalty.max_sources4; - if ((errstr = atoi_err(arg+13, &value)) != NULL) + if ((errstr = atoi_err(q, &value)) != NULL) fatal("%s line %d: %s value %s.", filename, linenum, keyword, errstr); - } else if (strncmp(arg, "max-sources6:", 13) == 0) { + } else if ((q = strprefix(arg, "max-sources6:", 0)) != NULL) { intptr = &options->per_source_penalty.max_sources6; - if ((errstr = atoi_err(arg+13, &value)) != NULL) + if ((errstr = atoi_err(q, &value)) != NULL) fatal("%s line %d: %s value %s.", filename, linenum, keyword, errstr); } else if (strcmp(arg, "overflow:deny-all") == 0) { @@ -2148,7 +2142,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, filename, linenum, keyword, arg); } /* If no value was parsed above, assume it's a time */ - if (value == -1 && (value = convtime(p)) == -1) { + if (value == -1 && (value = convtime(q)) == -1) { fatal("%s line %d: invalid %s time value.", filename, linenum, keyword); }