Detect invalid durations

Be stricter in durations that are accepted. Basically we accept ISO 8601
formats, but fail to detect garbage after the integers in such strings.

For example, 'P7.5D' will be treated as 7 days. Pass 'endptr' to
'strtoll' and check if the endptr is at the correct suffix.

(cherry picked from commit e39de45adc435629ef8925edc5022bf15c8971a3)

diff --git a/bin/tests/system/checkconf/bad-kasp-duration.conf b/bin/tests/system/checkconf/bad-kasp-duration.conf
new file mode 100644 (file)
index 0000000..74f0827
--- /dev/null
+++ b/bin/tests/system/checkconf/bad-kasp-duration.conf
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+dnssec-policy "invalid-sigrefresh" {
+       keys {
+               csk lifetime unlimited algorithm 13;
+       };
+       signatures-refresh P7.5D;
+};
+
+zone "example.net" {
+       type primary;
+       file "example.db";
+       dnssec-policy "invalid-sigrefresh";
+};

diff --git a/lib/isccfg/duration.c b/lib/isccfg/duration.c
index 9ed9d6f65797ea9e879771550449008538a4576e..98476a085b95b383c6c2392f120a3969cabd6f14 100644 (file)
--- a/lib/isccfg/duration.c
+++ b/lib/isccfg/duration.c
@@ -45,6 +45,7 @@ isccfg_duration_fromtext(isc_textregion_t *source,
        bool not_weeks = false;
        int i;
        long long int lli;
+       char *endptr;
 
        /*
         * Copy the buffer as it may not be NULL terminated.
@@ -76,7 +77,11 @@ isccfg_duration_fromtext(isc_textregion_t *source,
        X = strpbrk(str, "Yy");
        if (X != NULL) {
                errno = 0;
-               lli = strtoll(str + 1, NULL, 10);
+               endptr = NULL;
+               lli = strtoll(str + 1, &endptr, 10);
+               if (*endptr != *X) {
+                       return (ISC_R_BADNUMBER);
+               }
                if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                        return (ISC_R_BADNUMBER);
                }
@@ -94,7 +99,10 @@ isccfg_duration_fromtext(isc_textregion_t *source,
         */
        if (X != NULL && (T == NULL || (size_t)(X - P) < (size_t)(T - P))) {
                errno = 0;
-               lli = strtoll(str + 1, NULL, 10);
+               lli = strtoll(str + 1, &endptr, 10);
+               if (*endptr != *X) {
+                       return (ISC_R_BADNUMBER);
+               }
                if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                        return (ISC_R_BADNUMBER);
                }
@@ -107,7 +115,10 @@ isccfg_duration_fromtext(isc_textregion_t *source,
        X = strpbrk(str, "Dd");
        if (X != NULL) {
                errno = 0;
-               lli = strtoll(str + 1, NULL, 10);
+               lli = strtoll(str + 1, &endptr, 10);
+               if (*endptr != *X) {
+                       return (ISC_R_BADNUMBER);
+               }
                if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                        return (ISC_R_BADNUMBER);
                }
@@ -126,7 +137,10 @@ isccfg_duration_fromtext(isc_textregion_t *source,
        X = strpbrk(str, "Hh");
        if (X != NULL && T != NULL) {
                errno = 0;
-               lli = strtoll(str + 1, NULL, 10);
+               lli = strtoll(str + 1, &endptr, 10);
+               if (*endptr != *X) {
+                       return (ISC_R_BADNUMBER);
+               }
                if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                        return (ISC_R_BADNUMBER);
                }
@@ -144,7 +158,10 @@ isccfg_duration_fromtext(isc_textregion_t *source,
         */
        if (X != NULL && T != NULL && (size_t)(X - P) > (size_t)(T - P)) {
                errno = 0;
-               lli = strtoll(str + 1, NULL, 10);
+               lli = strtoll(str + 1, &endptr, 10);
+               if (*endptr != *X) {
+                       return (ISC_R_BADNUMBER);
+               }
                if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                        return (ISC_R_BADNUMBER);
                }
@@ -157,7 +174,10 @@ isccfg_duration_fromtext(isc_textregion_t *source,
        X = strpbrk(str, "Ss");
        if (X != NULL && T != NULL) {
                errno = 0;
-               lli = strtoll(str + 1, NULL, 10);
+               lli = strtoll(str + 1, &endptr, 10);
+               if (*endptr != *X) {
+                       return (ISC_R_BADNUMBER);
+               }
                if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                        return (ISC_R_BADNUMBER);
                }
@@ -174,7 +194,10 @@ isccfg_duration_fromtext(isc_textregion_t *source,
                        return (ISC_R_BADNUMBER);
                } else {
                        errno = 0;
-                       lli = strtoll(str + 1, NULL, 10);
+                       lli = strtoll(str + 1, &endptr, 10);
+                       if (*endptr != *W) {
+                               return (ISC_R_BADNUMBER);
+                       }
                        if (errno != 0 || lli < 0 || lli > UINT32_MAX) {
                                return (ISC_R_BADNUMBER);
                        }