From: Thomas Egerer <thomas.egerer@secunet.com>
Date: Mon, 7 Apr 2025 09:43:59 +0000 (+0200)
Subject: vici: Improve byte lifetime parsing
X-Git-Tag: 6.0.2dr1~42
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ed8c08fbe777102aec2e55272fc0c786e78c784e;p=thirdparty%2Fstrongswan.git

vici: Improve byte lifetime parsing

Increase buffer to 32 bytes to hold uint64_t completely and check for
overflows after multiplication with size modifiers.

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
---

diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index c0acd6d359..4685ffda55 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -1271,15 +1271,15 @@ CALLBACK(parse_time32, bool,
 CALLBACK(parse_bytes, bool,
 	uint64_t *out, chunk_t v)
 {
-	char buf[16], *end;
-	unsigned long long l;
+	char buf[32], *end;
+	unsigned long long l, ll;
 
 	if (!vici_stringify(v, buf, sizeof(buf)))
 	{
 		return FALSE;
 	}
 
-	l = strtoull(buf, &end, 0);
+	l = ll = strtoull(buf, &end, 0);
 	while (*end == ' ')
 	{
 		end++;
@@ -1288,15 +1288,15 @@ CALLBACK(parse_bytes, bool,
 	{
 		case 'g':
 		case 'G':
-			l *= 1024;
+			ll *= 1024;
 			/* fall */
 		case 'm':
 		case 'M':
-			l *= 1024;
+			ll *= 1024;
 			/* fall */
 		case 'k':
 		case 'K':
-			l *= 1024;
+			ll *= 1024;
 			end++;
 			break;
 		case '\0':
@@ -1308,7 +1308,7 @@ CALLBACK(parse_bytes, bool,
 	{
 		return FALSE;
 	}
-	*out = l;
+	*out = (ll < l) ? UINT64_MAX : ll;
 	return TRUE;
 }