shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-06-11 12:56:21 +09:00
Code Issues Packages Projects Releases Wiki Activity

options: validate SSH port values in the 1-65535 range

Browse Source 
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/815>
This commit is contained in:
Nuhiat-Arefin
2026-04-14 19:56:26 +06:00
committed by Jakub Jelen
parent 13e1543205
commit a9b2831f63
2 changed files with 46 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/options.c
View File

@@ -825,12 +825,12 @@ int ssh_options_set(ssh_session session,
return -1;
} else {
int *x = (int *) value;
if (*x <= 0) {
if (*x <= 0 || *x > 65535) {
ssh_set_error_invalid(session);
return -1;
}
session->opts.port = *x & 0xffffU;
session->opts.port = *x;
}
break;
case SSH_OPTIONS_PORT_STR:
@@ -845,18 +845,18 @@ int ssh_options_set(ssh_session session,
return -1;
}
i = strtol(q, &p, 10);
if (q == p) {
if (q == p || *p != '\0') {
SSH_LOG(SSH_LOG_DEBUG, "No port number was parsed");
SAFE_FREE(q);
return -1;
}
SAFE_FREE(q);
if (i <= 0) {
if (i <= 0 || i > 65535) {
ssh_set_error_invalid(session);
return -1;
}
session->opts.port = i & 0xffffU;
session->opts.port = i;
}
break;
case SSH_OPTIONS_FD:

42
tests/unittests/torture_options.c
View File

@@ -853,9 +853,49 @@ static void torture_options_set_port(void **state)
assert_true(rc == 0);
assert_true(session->opts.port == 23);
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "23abc");
assert_true(rc == -1);
assert_true(session->opts.port == 23);
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "five");
assert_true(rc == -1);
assert_int_not_equal(session->opts.port, 0);
assert_true(session->opts.port == 23);
port = 65535;
rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
assert_true(rc == 0);
assert_true(session->opts.port == 65535);
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "65535");
assert_true(rc == 0);
assert_true(session->opts.port == 65535);
port = 65536;
rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
assert_true(rc == -1);
assert_true(session->opts.port == 65535);
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "65536");
assert_true(rc == -1);
assert_true(session->opts.port == 65535);
port = 0;
rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
assert_true(rc == -1);
assert_true(session->opts.port == 65535);
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "-1");
assert_true(rc == -1);
assert_true(session->opts.port == 65535);
port = 70000;
rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
assert_true(rc == -1);
assert_true(session->opts.port == 65535);
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "70000");
assert_true(rc == -1);
assert_true(session->opts.port == 65535);
rc = ssh_options_set(session, SSH_OPTIONS_PORT, NULL);
assert_true(rc == -1);