pyglue: generate_random_[machine]_password: reject negative numbers
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Tue, 21 Jun 2022 23:12:30 +0000 (11:12 +1200)
committerAndreas Schneider <asn@cryptomilk.org>
Fri, 26 Aug 2022 07:59:32 +0000 (07:59 +0000)
Other range errors (e.g. min > max) are caught in the wrapped
functions, which return EINVAL, so we don't recapitulate that logic
(see next commit though).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
python/pyglue.c

index 969b35145de715f76672357a80f558535c89d108..dee3c296e034323fbcdcdfd580c413de1ae0e593 100644 (file)
@@ -57,8 +57,20 @@ static PyObject *py_generate_random_password(PyObject *self, PyObject *args)
        int min, max;
        PyObject *ret;
        char *retstr;
-       if (!PyArg_ParseTuple(args, "ii", &min, &max))
+       if (!PyArg_ParseTuple(args, "ii", &min, &max)) {
                return NULL;
+       }
+       if (max < 0 || min < 0) {
+               /*
+                * The real range checks happen in generate_random_password().
+                * Here we are just checking the values won't overflow into
+                * numbers when cast to size_t.
+                */
+               PyErr_Format(PyExc_ValueError,
+                            "invalid range: %d - %d",
+                            min, max);
+               return NULL;
+       }
 
        retstr = generate_random_password(NULL, min, max);
        if (retstr == NULL) {
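Review bot: The comment inside the new `max < 0 || min < 0` guard says the values "won't overflow into numbers when cast to size_t", which looks like it is missing a word and calls a well-defined wrap-around an overflow; I would write `* Here we are just checking the values won't wrap around to huge numbers when converted to size_t.`, since that wrap is presumably what would otherwise reach the length parameters of generate_random_password(). The identical comment in the py_generate_random_machine_password hunk wants the same wording fix. The message `"invalid range: %d - %d"` is also hard to read for exactly the inputs it reports (it prints e.g. `-1 - 8`); `"invalid range: min=%d, max=%d"` would be unambiguous. Both function bodies start and end outside their hunks, so what happens after `retstr == NULL` is not visible here.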
@@ -74,8 +86,21 @@ static PyObject *py_generate_random_machine_password(PyObject *self, PyObject *a
        int min, max;
        PyObject *ret;
        char *retstr;
-       if (!PyArg_ParseTuple(args, "ii", &min, &max))
+       if (!PyArg_ParseTuple(args, "ii", &min, &max)) {
                return NULL;
+       }
+       if (max < 0 || min < 0) {
+               /*
+                * The real range checks happen in
+                * generate_random_machine_password().
+                * Here we are just checking the values won't overflow into
+                * numbers when cast to size_t.
+                */
+               PyErr_Format(PyExc_ValueError,
+                            "invalid range: %d - %d",
+                            min, max);
+               return NULL;
+       }
 
        retstr = generate_random_machine_password(NULL, min, max);
        if (retstr == NULL) {