Browse code

core: fix crashes and logical errors for cmd line parsing, reported from Thuan Pham

- fix a bunch of crashes and logical errors for command line parsing
- do not parse tcp, tls and sctp in listen statement if TCP or SCTP is disabled
- this will later crash during module startup (e.g. in tm)
- do not allow to config TCP and SCTP children count if TCP or SCTP is disabled
- report error messages in this cases to help users detect it
- reported from Thuan Pham, Thuan.Pham at monash dot edu

Henning Westerholt authored on 07/02/2019 20:26:27
Showing 1 changed files
... ...
@@ -954,10 +954,16 @@ int parse_proto(unsigned char* s, long len, int* proto)
954 954
 				break;
955 955
 #ifdef USE_TCP
956 956
 			case PROTO2UINT3('t', 'c', 'p'):
957
+				if (tcp_disable) {
958
+					return -1;
959
+				}
957 960
 				*proto=PROTO_TCP;
958 961
 				break;
959 962
 #ifdef USE_TLS
960 963
 			case PROTO2UINT3('t', 'l', 's'):
964
+				if (tcp_disable || tls_disable) {
965
+					return -1;
966
+				}
961 967
 				*proto=PROTO_TLS;
962 968
 				break;
963 969
 #endif
... ...
@@ -969,10 +975,14 @@ int parse_proto(unsigned char* s, long len, int* proto)
969 969
 #ifdef USE_SCTP
970 970
 	else if (likely(len==4)){
971 971
 		i=PROTO2UINT4(s[0], s[1], s[2], s[3]);
972
-		if (i==PROTO2UINT4('s', 'c', 't', 'p'))
972
+		if (i==PROTO2UINT4('s', 'c', 't', 'p')) {
973
+			if (sctp_disable) {
974
+				return -1;
975
+			}
973 976
 			*proto=PROTO_SCTP;
974
-		else
977
+		} else {
975 978
 			return -1;
979
+		}
976 980
 	}
977 981
 #endif /* USE_SCTP */
978 982
 	else
... ...
@@ -2261,10 +2271,25 @@ try_again:
2261 2261
 						goto error;
2262 2262
 					}
2263 2263
 					break;
2264
+			case 'T':
2265
+				#ifdef USE_TCP
2266
+					tcp_disable=1;
2267
+				#else
2268
+					fprintf(stderr,"WARNING: tcp support not compiled in\n");
2269
+				#endif
2270
+					break;
2271
+			case 'S':
2272
+				#ifdef USE_SCTP
2273
+					sctp_disable=1;
2274
+				#else
2275
+					fprintf(stderr,"WARNING: sctp support not compiled in\n");
2276
+				#endif
2277
+					break;
2264 2278
 			case 'l':
2265 2279
 					if ((n_lst=parse_phostport_mh(optarg, &tmp, &tmp_len,
2266 2280
 											&port, &proto))==0){
2267
-						fprintf(stderr, "bad -l address specifier: %s\n",
2281
+						fprintf(stderr, "bad -l address specifier: %s\n"
2282
+											"Check disabled protocols\n",
2268 2283
 										optarg);
2269 2284
 						goto error;
2270 2285
 					}
... ...
@@ -2297,15 +2322,13 @@ try_again:
2297 2297
 			case 'D':
2298 2298
 					dont_fork_cnt++;
2299 2299
 					break;
2300
-			case 'T':
2301
-				#ifdef USE_TCP
2302
-					tcp_disable=1;
2303
-				#else
2304
-					fprintf(stderr,"WARNING: tcp support not compiled in\n");
2305
-				#endif
2306
-					break;
2307 2300
 			case 'N':
2308 2301
 				#ifdef USE_TCP
2302
+					if (tcp_disable) {
2303
+						fprintf(stderr, "could not configure TCP children: -N %s\n"
2304
+ 									"TCP support disabled\n", optarg);
2305
+						goto error;
2306
+					}
2309 2307
 					tcp_cfg_children_no=strtol(optarg, &tmp, 10);
2310 2308
 					if ((tmp==0) ||(*tmp)){
2311 2309
 						fprintf(stderr, "bad process number: -N %s\n",
... ...
@@ -2328,15 +2351,13 @@ try_again:
2328 2328
 					fprintf(stderr,"WARNING: tcp support not compiled in\n");
2329 2329
 				#endif
2330 2330
 					break;
2331
-			case 'S':
2332
-				#ifdef USE_SCTP
2333
-					sctp_disable=1;
2334
-				#else
2335
-					fprintf(stderr,"WARNING: sctp support not compiled in\n");
2336
-				#endif
2337
-					break;
2338 2331
 			case 'Q':
2339 2332
 				#ifdef USE_SCTP
2333
+					if (sctp_disable) {
2334
+						fprintf(stderr, "could not configure SCTP children: -Q %s\n"
2335
+									"SCTP support disabled\n", optarg);
2336
+						goto error;
2337
+					}
2340 2338
 					sctp_children_no=strtol(optarg, &tmp, 10);
2341 2339
 					if ((tmp==0) ||(*tmp)){
2342 2340
 						fprintf(stderr, "bad process number: -O %s\n",