INN commit: trunk (8 files)
INN Commit
Russ_Allbery at isc.org
Sat Sep 6 16:43:51 UTC 2008
Date: Saturday, September 6, 2008 @ 09:43:51
Author: iulius
Revision: 8009
Correctly parse an article number (1 to 16 digits).
Otherwise, if a range of length 497 was given, it could lead to too long answers!
Added:
trunk/lib/numbers.c
Modified:
trunk/MANIFEST
trunk/include/inn/libinn.h
trunk/lib/Makefile
trunk/lib/headers.c
trunk/lib/messageid.c
trunk/nnrpd/article.c
trunk/nnrpd/group.c
----------------------+
MANIFEST | 1
include/inn/libinn.h | 6 +++
lib/Makefile | 5 ++
lib/headers.c | 8 ++--
lib/messageid.c | 16 ++++----
lib/numbers.c | 92 +++++++++++++++++++++++++++++++++++++++++++++++++
nnrpd/article.c | 32 ++---------------
nnrpd/group.c | 3 -
8 files changed, 120 insertions(+), 43 deletions(-)
Modified: MANIFEST
===================================================================
--- MANIFEST 2008-09-06 14:07:23 UTC (rev 8008)
+++ MANIFEST 2008-09-06 16:43:51 UTC (rev 8009)
@@ -521,6 +521,7 @@
lib/network.c Network utility functions
lib/newsuser.c Ensure running as news user/group
lib/nntp.c NNTP utility library
+lib/numbers.c Manipulation of numbers
lib/perl.c Perl hook support for nnrpd and innd
lib/pread.c pread replacement
lib/pwrite.c pwrite replacement
Modified: include/inn/libinn.h
===================================================================
--- include/inn/libinn.h 2008-09-06 14:07:23 UTC (rev 8008)
+++ include/inn/libinn.h 2008-09-06 16:43:51 UTC (rev 8009)
@@ -152,6 +152,12 @@
extern void DDcheck(struct _DDHANDLE *h, char *group);
extern char * DDend(struct _DDHANDLE *h);
+
+/* Various checks. */
+extern bool IsValidArticleNumber(const char *string);
+extern bool IsValidRange(char *string);
+
+
/* NNTP functions. */
extern int NNTPlocalopen(FILE **FromServerp, FILE **ToServerp,
char *errbuff, size_t len);
Modified: lib/Makefile
===================================================================
--- lib/Makefile 2008-09-06 14:07:23 UTC (rev 8008)
+++ lib/Makefile 2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,7 +11,7 @@
dispatch.c fdflags.c fdlimit.c getfqdn.c \
getmodaddr.c hash.c hashtab.c headers.c hex.c innconf.c inndcomm.c \
list.c localopen.c lockfile.c makedir.c md5.c messageid.c messages.c \
- mmap.c network.c newsuser.c nntp.c qio.c radix32.c \
+ mmap.c network.c newsuser.c nntp.c numbers.c qio.c radix32.c \
readin.c remopen.c \
reservedfd.c resource.c sendarticle.c sendpass.c sequence.c \
timer.c tst.c uwildmat.c vector.c wire.c xfopena.c \
@@ -229,6 +229,9 @@
../include/inn/defines.h ../include/inn/innconf.h \
../include/inn/network.h ../include/inn/nntp.h ../include/inn/vector.h \
../include/inn/libinn.h
+numbers.o: numbers.c ../include/config.h ../include/inn/defines.h \
+ ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
+ ../include/config.h ../include/inn/libinn.h ../include/inn/defines.h
qio.o: qio.c ../include/config.h ../include/inn/defines.h \
../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
../include/config.h ../include/inn/qio.h ../include/inn/defines.h \
Modified: lib/headers.c
===================================================================
--- lib/headers.c 2008-09-06 14:07:23 UTC (rev 8008)
+++ lib/headers.c 2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,10 +11,10 @@
/*
-** We currently only check the requirements for RFC 3977:
+** We currently only check the requirements for RFC 3977:
**
-** o The name [of a header] consists of one or more printable
-** US-ASCII characters other than colon.
+** o The name [of a header] consists of one or more printable
+** US-ASCII characters other than colon.
*/
bool
IsValidHeaderName(const char *string)
@@ -36,7 +36,7 @@
* than colon. */
if (!CTYPE(isgraph, *p) || *p == ':')
return false;
- }
+ }
return true;
}
Modified: lib/messageid.c
===================================================================
--- lib/messageid.c 2008-09-06 14:07:23 UTC (rev 8008)
+++ lib/messageid.c 2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,7 +11,7 @@
#include "inn/innconf.h"
#include "inn/libinn.h"
-/* Scale time back a bit, for shorter message-ID's. */
+/* Scale time back a bit, for shorter message-ID's. */
#define OFFSET 673416000L
char *
@@ -41,15 +41,15 @@
/*
-** We currently only check the requirements for RFC 3977:
+** We currently only check the requirements for RFC 3977:
**
-** o A message-ID MUST begin with "<", end with ">", and MUST NOT
-** contain the latter except at the end.
+** o A message-ID MUST begin with "<", end with ">", and MUST NOT
+** contain the latter except at the end.
**
-** o A message-ID MUST be between 3 and 250 octets in length.
+** o A message-ID MUST be between 3 and 250 octets in length.
**
-** o A message-ID MUST NOT contain octets other than printable US-ASCII
-** characters.
+** o A message-ID MUST NOT contain octets other than printable US-ASCII
+** characters.
*/
bool
IsValidMessageID(const char *string)
@@ -80,7 +80,7 @@
/* Contains only printable US-ASCII characters. */
if (!CTYPE(isgraph, *p))
return false;
- }
+ }
/* Between 3 and 250 octets in length.
* Ends with ">". */
Added: lib/numbers.c
===================================================================
--- lib/numbers.c (rev 0)
+++ lib/numbers.c 2008-09-06 16:43:51 UTC (rev 8009)
@@ -0,0 +1,92 @@
+/* $Id$
+**
+** Routines for numbers: manipulation and checks.
+*/
+
+#include "config.h"
+#include "clibrary.h"
+#include <ctype.h>
+
+#include "inn/libinn.h"
+
+
+/*
+** Check if the argument is a valid article number according to RFC 3977,
+** that is to say it contains from 1 to 16 digits.
+*/
+bool
+IsValidArticleNumber(const char *string)
+{
+ int len = 0;
+ const unsigned char *p;
+
+ /* Not NULL. */
+ if (string == NULL)
+ return false;
+
+ p = (const unsigned char *) string;
+
+ for (; *p != '\0'; p++) {
+ len++;
+ if (!CTYPE(isdigit, *p))
+ return false;
+ }
+
+ if (len > 0 && len < 17)
+ return true;
+ else
+ return false;
+}
+
+
+/*
+** Return true if the provided string is a valid range, that is to say:
+**
+** - An article number.
+** - An article number followed by a dash to indicate all following.
+** - An article number followed by a dash followed by another article
+** number.
+**
+** In addition to RFC 3977, we also accept:
+** - A dash followed by an article number to indicate all previous.
+** - A dash for everything.
+*/
+bool
+IsValidRange(char *string)
+{
+ char *p;
+ bool valid;
+
+ /* Not NULL. */
+ if (string == NULL)
+ return false;
+
+ /* Just a dash. */
+ if (strcmp(string, "-") == 0)
+ return true;
+
+ p = string;
+
+ /* Begins with a dash. There must be a number after. */
+ if (*string == '-') {
+ p++;
+ return IsValidArticleNumber(p);
+ }
+
+ /* Got just a single number? */
+ if ((p = strchr(string, '-')) == NULL)
+ return IsValidArticleNumber(string);
+
+ /* "-" becomes "\0" and we parse the low water mark. */
+ *p++ = '\0';
+ if (*p == '\0') {
+ /* Ends with a dash. */
+ valid = IsValidArticleNumber(string);
+ } else {
+ valid = (IsValidArticleNumber(string) && IsValidArticleNumber(p));
+ }
+
+ p--;
+ *p = '-';
+ return valid;
+}
Property changes on: trunk/lib/numbers.c
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision
Added: svn:eol-style
+ native
Modified: nnrpd/article.c
===================================================================
--- nnrpd/article.c 2008-09-06 14:07:23 UTC (rev 8008)
+++ nnrpd/article.c 2008-09-06 16:43:51 UTC (rev 8009)
@@ -56,13 +56,11 @@
SThead, NNTP_OK_HEAD, "head"
};
+bool CMDgetrange(int ac, char *av[], ARTRANGE *rp, bool *DidReply);
static struct iovec iov[IOV_MAX > 1024 ? 1024 : IOV_MAX];
static int queued_iov = 0;
-bool CMDgetrange(int ac, char *av[], ARTRANGE *rp, bool *DidReply);
-bool CMDisrange(char *string);
-
static void
PushIOvHelper(struct iovec* vec, int* countp)
{
@@ -793,7 +791,7 @@
}
/* Check the syntax. */
- if (!CMDisrange(av[1])) {
+ if (!IsValidRange(av[1])) {
Reply("%d Syntax error in range\r\n", NNTP_ERR_SYNTAX);
*DidReply = true;
return false;
@@ -829,28 +827,6 @@
/*
-** Return true if the provided string is a valid range.
-*/
-bool
-CMDisrange(char *string)
-{
- bool dashfound = false;
-
- /* Check the syntax: only allow digits and *one* "-". */
- for (; *string; string++) {
- if (*string == '-' && !dashfound) {
- dashfound = true;
- continue;
- }
- if (!CTYPE(isdigit, *string))
- return false;
- }
-
- return true;
-}
-
-
-/*
** Apply virtual hosting to an Xref: field.
*/
static char *
@@ -904,7 +880,7 @@
* is accepted for both of them. */
if (ac > 1
&& (xover || !mid)
- && !CMDisrange(av[1])) {
+ && !IsValidRange(av[1])) {
Reply("%d Syntax error in arguments\r\n", NNTP_ERR_SYNTAX);
return;
}
@@ -1090,7 +1066,7 @@
mid = (ac > 2 && IsValidMessageID(av[2]));
/* Check the syntax of the arguments first. */
- if (ac > 2 && !mid && !CMDisrange(av[2])) {
+ if (ac > 2 && !mid && !IsValidRange(av[2])) {
Reply("%d Syntax error in the second argument\r\n", NNTP_ERR_SYNTAX);
return;
}
Modified: nnrpd/group.c
===================================================================
--- nnrpd/group.c 2008-09-06 14:07:23 UTC (rev 8008)
+++ nnrpd/group.c 2008-09-06 16:43:51 UTC (rev 8009)
@@ -11,7 +11,6 @@
#include "inn/ov.h"
extern bool CMDgetrange(int ac, char *av[], ARTRANGE *rp, bool *DidReply);
-extern bool CMDisrange(char *string);
/*
** Change to or list the specified newsgroup. If invalid, stay in the old
@@ -56,7 +55,7 @@
}
/* Check whether the second argument is valid. */
- if (ac == 3 && !CMDisrange(av[2])) {
+ if (ac == 3 && !IsValidRange(av[2])) {
Reply("%d Syntax error\r\n", NNTP_ERR_SYNTAX);
return;
}
More information about the inn-committers
mailing list