diff options
| author | Alejandro Sirgo Rica <asirgo@soleta.eu> | 2024-10-25 11:53:22 +0200 |
|---|---|---|
| committer | Alejandro Sirgo Rica <asirgo@soleta.eu> | 2024-10-25 15:09:31 +0200 |
| commit | e679925bd0c8608ebe24f34917347ad939c6506d (patch) | |
| tree | 9076d0ff5d251bc0a0051589796b9f81cb86b11c /src/rest.c | |
| parent | e960063a137c8fe760a40a73ccd081e457b23952 (diff) | |
src: add safe_strtoull for safe string to number conversion
Add safe_strtoull to validate the execution of strtoull.
Definining the base of the number is required becase partition
codes are base 16 but they lack the 0x prefix.
Replace uses of atoi and strtoull/strtoul and log the conversion
errors.
Diffstat (limited to 'src/rest.c')
| -rw-r--r-- | src/rest.c | 18 |
1 files changed, 16 insertions, 2 deletions
@@ -520,6 +520,7 @@ static int og_cmd_wol(json_t *element, struct og_msg_params *params) const char *msglog; struct og_dbi *dbi; int err = 0, i = 0; + uint64_t wol_type; dbi_result result; const char *key; json_t *value; @@ -621,8 +622,14 @@ static int og_cmd_wol(json_t *element, struct og_msg_params *params) if (!inet_aton(new_params.netmask_array[i], &netmask)) continue; + if (safe_strtoull(params->wol_type, &wol_type, 10, UINT32_MAX) < 0) { + syslog(LOG_ERR, "failed to parse wol type %s (%s:%d)\n", + params->wol_type, __func__, __LINE__); + continue; + } + if (wake_up(sd, &addr, &netmask, new_params.mac_array[i], - atoi(params->wol_type)) < 0) { + wol_type) < 0) { syslog(LOG_ERR, "Failed to send wol packet to %s\n", new_params.ips_array[i]); continue; @@ -3845,6 +3852,7 @@ static int og_cmd_restore_image(json_t *element, struct og_msg_params *params) static int og_cmd_delete_image(json_t *element, struct og_msg_params *params) { struct og_dbi *dbi; + uint64_t image_id; const char *key; json_t *value; int err = 0; @@ -3865,6 +3873,12 @@ static int og_cmd_delete_image(json_t *element, struct og_msg_params *params) if (!og_msg_params_validate(params, OG_REST_PARAM_ID)) return -1; + if (safe_strtoull(params->id, &image_id, 10, UINT32_MAX) < 0) { + syslog(LOG_ERR, "failed to parse image id %s (%s:%d)\n", + params->id, __func__, __LINE__); + return -1; + } + dbi = og_dbi_open(&ogconfig.db); if (!dbi) { syslog(LOG_ERR, "cannot open connection database (%s:%d)\n", @@ -3872,7 +3886,7 @@ static int og_cmd_delete_image(json_t *element, struct og_msg_params *params) return -1; } - err = og_dbi_delete_image(dbi, atoi(params->id)); + err = og_dbi_delete_image(dbi, image_id); if (err < 0) { og_dbi_close(dbi); return err; |