INN commit: trunk (8 files)

INN Commit Russ_Allbery at isc.org
Sat Sep 6 16:43:51 UTC 2008


    Date: Saturday, September 6, 2008 @ 09:43:51
  Author: iulius
Revision: 8009

Correctly parse an article number (1 to 16 digits).
Otherwise, if a range of length 497 was given, it could lead to too long answers!

Added:
  trunk/lib/numbers.c
Modified:
  trunk/MANIFEST
  trunk/include/inn/libinn.h
  trunk/lib/Makefile
  trunk/lib/headers.c
  trunk/lib/messageid.c
  trunk/nnrpd/article.c
  trunk/nnrpd/group.c

----------------------+
 MANIFEST             |    1 
 include/inn/libinn.h |    6 +++
 lib/Makefile         |    5 ++
 lib/headers.c        |    8 ++--
 lib/messageid.c      |   16 ++++----
 lib/numbers.c        |   92 +++++++++++++++++++++++++++++++++++++++++++++++++
 nnrpd/article.c      |   32 ++---------------
 nnrpd/group.c        |    3 -
 8 files changed, 120 insertions(+), 43 deletions(-)

Modified: MANIFEST
===================================================================
--- MANIFEST	2008-09-06 14:07:23 UTC (rev 8008)
+++ MANIFEST	2008-09-06 16:43:51 UTC (rev 8009)
@@ -521,6 +521,7 @@
 lib/network.c                         Network utility functions
 lib/newsuser.c                        Ensure running as news user/group
 lib/nntp.c                            NNTP utility library
+lib/numbers.c                         Manipulation of numbers
 lib/perl.c                            Perl hook support for nnrpd and innd
 lib/pread.c                           pread replacement
 lib/pwrite.c                          pwrite replacement

Modified: include/inn/libinn.h
===================================================================
--- include/inn/libinn.h	2008-09-06 14:07:23 UTC (rev 8008)
+++ include/inn/libinn.h	2008-09-06 16:43:51 UTC (rev 8009)
@@ -152,6 +152,12 @@
 extern void               DDcheck(struct _DDHANDLE *h, char *group);
 extern char *             DDend(struct _DDHANDLE *h);
 
+
+/* Various checks. */
+extern bool             IsValidArticleNumber(const char *string);
+extern bool             IsValidRange(char *string);
+
+
 /* NNTP functions. */
 extern int      NNTPlocalopen(FILE **FromServerp, FILE **ToServerp,
                               char *errbuff, size_t len);

Modified: lib/Makefile
===================================================================
--- lib/Makefile	2008-09-06 14:07:23 UTC (rev 8008)
+++ lib/Makefile	2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,7 +11,7 @@
 		dispatch.c fdflags.c fdlimit.c getfqdn.c \
 		getmodaddr.c hash.c hashtab.c headers.c hex.c innconf.c inndcomm.c \
 		list.c localopen.c lockfile.c makedir.c md5.c messageid.c messages.c \
-		mmap.c network.c newsuser.c nntp.c qio.c radix32.c \
+		mmap.c network.c newsuser.c nntp.c numbers.c qio.c radix32.c \
 		readin.c remopen.c \
 		reservedfd.c resource.c sendarticle.c sendpass.c sequence.c \
 		timer.c tst.c uwildmat.c vector.c wire.c xfopena.c \
@@ -229,6 +229,9 @@
   ../include/inn/defines.h ../include/inn/innconf.h \
   ../include/inn/network.h ../include/inn/nntp.h ../include/inn/vector.h \
   ../include/inn/libinn.h
+numbers.o: numbers.c ../include/config.h ../include/inn/defines.h \
+  ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
+  ../include/config.h ../include/inn/libinn.h ../include/inn/defines.h
 qio.o: qio.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/qio.h ../include/inn/defines.h \

Modified: lib/headers.c
===================================================================
--- lib/headers.c	2008-09-06 14:07:23 UTC (rev 8008)
+++ lib/headers.c	2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,10 +11,10 @@
 
 
 /*
-** We currently only check the requirements for RFC 3977:
+**  We currently only check the requirements for RFC 3977:
 **
-**   o  The name [of a header] consists of one or more printable
-**      US-ASCII characters other than colon.
+**    o  The name [of a header] consists of one or more printable
+**       US-ASCII characters other than colon.
 */
 bool
 IsValidHeaderName(const char *string)
@@ -36,7 +36,7 @@
          * than colon. */
         if (!CTYPE(isgraph, *p) || *p == ':')
             return false;
-    } 
+    }
 
     return true;
 }

Modified: lib/messageid.c
===================================================================
--- lib/messageid.c	2008-09-06 14:07:23 UTC (rev 8008)
+++ lib/messageid.c	2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,7 +11,7 @@
 #include "inn/innconf.h"
 #include "inn/libinn.h"
 
-/* Scale time back a bit, for shorter message-ID's. */
+/*  Scale time back a bit, for shorter message-ID's. */
 #define OFFSET	673416000L
 
 char *
@@ -41,15 +41,15 @@
 
 
 /*
-** We currently only check the requirements for RFC 3977:
+**  We currently only check the requirements for RFC 3977:
 **
-**   o  A message-ID MUST begin with "<", end with ">", and MUST NOT
-**      contain the latter except at the end.
+**    o  A message-ID MUST begin with "<", end with ">", and MUST NOT
+**       contain the latter except at the end.
 **
-**   o  A message-ID MUST be between 3 and 250 octets in length.
+**    o  A message-ID MUST be between 3 and 250 octets in length.
 **
-**   o  A message-ID MUST NOT contain octets other than printable US-ASCII
-**      characters.
+**    o  A message-ID MUST NOT contain octets other than printable US-ASCII
+**       characters.
 */
 bool
 IsValidMessageID(const char *string)
@@ -80,7 +80,7 @@
         /* Contains only printable US-ASCII characters. */
         if (!CTYPE(isgraph, *p))
             return false;
-    } 
+    }
 
     /* Between 3 and 250 octets in length.
      * Ends with ">". */

Added: lib/numbers.c
===================================================================
--- lib/numbers.c	                        (rev 0)
+++ lib/numbers.c	2008-09-06 16:43:51 UTC (rev 8009)
@@ -0,0 +1,92 @@
+/*  $Id$
+**
+**  Routines for numbers:  manipulation and checks.
+*/
+
+#include "config.h"
+#include "clibrary.h"
+#include <ctype.h>
+
+#include "inn/libinn.h"
+
+
+/*
+**  Check if the argument is a valid article number according to RFC 3977,
+**  that is to say it contains from 1 to 16 digits.
+*/
+bool
+IsValidArticleNumber(const char *string)
+{
+    int len = 0;
+    const unsigned char *p;
+
+    /* Not NULL. */
+    if (string == NULL)
+        return false;
+
+    p = (const unsigned char *) string;
+   
+    for (; *p != '\0'; p++) {
+        len++;
+        if (!CTYPE(isdigit, *p))
+            return false;
+    }
+
+    if (len > 0 && len < 17)
+        return true;
+    else
+        return false;
+}
+
+
+/*
+**  Return true if the provided string is a valid range, that is to say:
+** 
+**    - An article number.
+**    - An article number followed by a dash to indicate all following.
+**    - An article number followed by a dash followed by another article
+**      number.
+**
+**  In addition to RFC 3977, we also accept:
+**    - A dash followed by an article number to indicate all previous.
+**    - A dash for everything.
+*/
+bool
+IsValidRange(char *string)
+{
+    char *p;
+    bool valid;
+
+    /* Not NULL. */
+    if (string == NULL)
+        return false;
+
+    /* Just a dash. */
+    if (strcmp(string, "-") == 0)
+        return true;
+
+    p = string;
+
+    /* Begins with a dash.  There must be a number after. */
+    if (*string == '-') {
+        p++;
+        return IsValidArticleNumber(p);
+    }
+
+    /* Got just a single number? */
+    if ((p = strchr(string, '-')) == NULL)
+        return IsValidArticleNumber(string);
+
+    /* "-" becomes "\0" and we parse the low water mark. */
+    *p++ = '\0';
+    if (*p == '\0') {
+        /* Ends with a dash. */
+        valid = IsValidArticleNumber(string);
+    } else {
+        valid = (IsValidArticleNumber(string) && IsValidArticleNumber(p));
+    }
+
+    p--;
+    *p = '-';
+    return valid;
+}


Property changes on: trunk/lib/numbers.c
___________________________________________________________________
Added: svn:keywords
   + Author Date Id Revision
Added: svn:eol-style
   + native

Modified: nnrpd/article.c
===================================================================
--- nnrpd/article.c	2008-09-06 14:07:23 UTC (rev 8008)
+++ nnrpd/article.c	2008-09-06 16:43:51 UTC (rev 8009)
@@ -56,13 +56,11 @@
     SThead,	NNTP_OK_HEAD,		"head"
 };
 
+bool CMDgetrange(int ac, char *av[], ARTRANGE *rp, bool *DidReply);
 
 static struct iovec	iov[IOV_MAX > 1024 ? 1024 : IOV_MAX];
 static int		queued_iov = 0;
 
-bool CMDgetrange(int ac, char *av[], ARTRANGE *rp, bool *DidReply);
-bool CMDisrange(char *string);
-
 static void
 PushIOvHelper(struct iovec* vec, int* countp)
 {
@@ -793,7 +791,7 @@
     }
 
     /* Check the syntax. */
-    if (!CMDisrange(av[1])) {
+    if (!IsValidRange(av[1])) {
         Reply("%d Syntax error in range\r\n", NNTP_ERR_SYNTAX);
         *DidReply = true;
         return false;
@@ -829,28 +827,6 @@
 
 
 /*
-**  Return true if the provided string is a valid range.
-*/
-bool
-CMDisrange(char *string)
-{
-    bool dashfound = false;
-
-    /* Check the syntax:  only allow digits and *one* "-". */
-    for (; *string; string++) {
-        if (*string == '-' && !dashfound) {
-            dashfound = true;
-            continue;
-        }
-        if (!CTYPE(isdigit, *string))
-            return false;
-    }
-    
-    return true;
-}
-
-
-/*
 **  Apply virtual hosting to an Xref: field.
 */
 static char *
@@ -904,7 +880,7 @@
      * is accepted for both of them. */
     if (ac > 1
         && (xover || !mid)
-        && !CMDisrange(av[1])) {
+        && !IsValidRange(av[1])) {
         Reply("%d Syntax error in arguments\r\n", NNTP_ERR_SYNTAX);
         return;
     }
@@ -1090,7 +1066,7 @@
     mid = (ac > 2 && IsValidMessageID(av[2]));
 
     /* Check the syntax of the arguments first. */
-    if (ac > 2 && !mid && !CMDisrange(av[2])) {
+    if (ac > 2 && !mid && !IsValidRange(av[2])) {
         Reply("%d Syntax error in the second argument\r\n", NNTP_ERR_SYNTAX);
         return;
     }

Modified: nnrpd/group.c
===================================================================
--- nnrpd/group.c	2008-09-06 14:07:23 UTC (rev 8008)
+++ nnrpd/group.c	2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,7 +11,6 @@
 #include "inn/ov.h"
 
 extern bool CMDgetrange(int ac, char *av[], ARTRANGE *rp, bool *DidReply);
-extern bool CMDisrange(char *string);
 
 /*
 **  Change to or list the specified newsgroup.  If invalid, stay in the old
@@ -56,7 +55,7 @@
     }
 
     /* Check whether the second argument is valid. */
-    if (ac == 3 && !CMDisrange(av[2])) {
+    if (ac == 3 && !IsValidRange(av[2])) {
         Reply("%d Syntax error\r\n", NNTP_ERR_SYNTAX);
         return;
     }



More information about the inn-committers mailing list