Use strtol(), not atoi(), to parse integral values.

strtol()'s error behavior is standardized; atoi()'s isn't.

diff --git a/print-resp.c b/print-resp.c
index 6f2810506992b9dc253c3ee360cc69337418ddae..0aa3d69e6775c2781f39de366aa441fc30838399 100644 (file)
--- a/print-resp.c
+++ b/print-resp.c
@@ -37,9 +37,10 @@
 
 #include <netdissect-stdinc.h>
 #include "netdissect.h"
-
+#include <limits.h>
 #include <string.h>
 #include <stdlib.h>
+#include <errno.h>
 
 #include "extract.h"
 
@@ -238,6 +239,8 @@ trunc:
 static int
 resp_print_bulk_string(netdissect_options *ndo, register const u_char *bp, int length) {
     int length_cur = length, string_len;
+    long strtol_ret;
+    char *p;
 
     ND_TCHECK(*bp);
 
@@ -246,7 +249,13 @@ resp_print_bulk_string(netdissect_options *ndo, register const u_char *bp, int l
     ND_TCHECK(*bp);
 
     /* <length> */
-    string_len = atoi((const char *)bp);
+    errno = 0;
+    strtol_ret = strtol((const char *)bp, &p, 10);
+    if (errno != 0 || p == (const char *)bp || strtol_ret < -1 ||
+        strtol_ret > INT_MAX)
+        string_len = -2; /* invalid */
+    else
+        string_len = (int)strtol_ret;
 
     /* move to \r\n */
     MOVE_FORWARD(bp, length_cur);
@@ -286,6 +295,8 @@ trunc:
 static int
 resp_print_bulk_array(netdissect_options *ndo, register const u_char *bp, int length) {
     int length_cur = length, array_len, i, ret_len = 0;
+    long strtol_ret;
+    char *p;
 
     ND_TCHECK(*bp);
 
@@ -294,7 +305,13 @@ resp_print_bulk_array(netdissect_options *ndo, register const u_char *bp, int le
     ND_TCHECK(*bp);
 
     /* <array_length> */
-    array_len = atoi((const char *)bp);
+    errno = 0;
+    strtol_ret = strtol((const char *)bp, &p, 10);
+    if (errno != 0 || p == (const char *)bp || strtol_ret < -1 ||
+        strtol_ret > INT_MAX)
+        array_len = -2; /* invalid */
+    else
+        array_len = (int)strtol_ret;
 
     /* move to \r\n */
     MOVE_FORWARD(bp, length_cur);

diff --git a/tests/resp_3.out b/tests/resp_3.out
index eb9d8a9bd365cf78b10daa7fed8d9ac49c047206..8c63516bb4bbe0e4ec6a7cd08e55aa6d048f0111 100644 (file)
--- a/tests/resp_3.out
+++ b/tests/resp_3.out
@@ -54,7 +54,7 @@ IP 127.0.0.1.52766 > 127.0.0.1.6379: Flags [.], ack 113, win 342, options [nop,n
 IP 127.0.0.1.52767 > 127.0.0.1.6379: Flags [S], seq 3453687710, win 43690, options [mss 65495,sackOK,TS val 1132419549 ecr 0,nop,wscale 7], length 0
 IP 127.0.0.1.6379 > 127.0.0.1.52767: Flags [S.], seq 4076862539, ack 3453687711, win 43690, options [mss 65495,sackOK,TS val 1132419549 ecr 1132419549,nop,wscale 7], length 0
 IP 127.0.0.1.52767 > 127.0.0.1.6379: Flags [.], ack 1, win 342, options [nop,nop,TS val 1132419549 ecr 1132419549], length 0
-IP 127.0.0.1.52767 > 127.0.0.1.6379: Flags [P.], seq 1:39, ack 1, win 342, options [nop,nop,TS val 1132419549 ecr 1132419549], length 38: RESP null
+IP 127.0.0.1.52767 > 127.0.0.1.6379: Flags [P.], seq 1:39, ack 1, win 342, options [nop,nop,TS val 1132419549 ecr 1132419549], length 38: RESP invalid
 IP 127.0.0.1.6379 > 127.0.0.1.52767: Flags [.], ack 39, win 342, options [nop,nop,TS val 1132419549 ecr 1132419549], length 0
 IP 127.0.0.1.6379 > 127.0.0.1.52767: Flags [P.], seq 1:48, ack 39, win 342, options [nop,nop,TS val 1132419549 ecr 1132419549], length 47: RESP "ERR Protocol error: invalid multibulk length"
 IP 127.0.0.1.52767 > 127.0.0.1.6379: Flags [.], ack 48, win 342, options [nop,nop,TS val 1132419549 ecr 1132419549], length 0