0xabad1dea/dnparsefail.c

## dnparsefail.c
#include <stdio.h>
#include <string.h>

/*~ demonstration of unbounded conditions and integer wrap
  bugs in a real networking stack by 0xabad1dea

	dnparse() is taken from the XINU operating system
	http://www.cs.purdue.edu/homes/dec/xlicense.html

	slightly tweaked to compile as a unix userland thing ~*/


/*~ the implementation of this is largely irrelevant and elided here. ~*/
int dot2ip(char* str) {
	return 0xABAD1DEA; }


/*------------------------------------------------------------------------
 *  dnparse  -  parse foreign address specification; get IP and port #s
 *------------------------------------------------------------------------
 */
int dnparse(char* fspec, int* paddr, short* pport)
{
	int	i, byte;
	char	ch;

	if (fspec == 0 /*~ ANYFPORT ~*/) {
		*pport = 0;
		return 1 /*~ OK ~*/;
	}
	/* parse forms like 192.5.48.30:3 into (ip-address,port)	*/

	*paddr = dot2ip(fspec);
	fspec = index(fspec, ':');
	if (fspec == 0 || *fspec != ':') {
		return -1 /*~ SYSERR ~*/; }
	fspec++;
	i = 0;
	while (isdigit(ch = *fspec++)) { /*~ look here ~ */
		i = 10*i + (ch - '0'); }
	if (i==0 || ch!='\0')
		return -1 /*~ SYSERR ~*/;
	*pport = i;
	return 1 /*~ OK ~*/;
}


int main(int argc, char *argv[]) {
	if(argc < 2) return -1;

	int address;
	short port = 0;

	/*~ pass arg like 1.2.3.4:56 ~*/
	dnparse(argv[1], &address, &port);

	printf("Port is: %d\n", (int)port);

	return 0;
}

/*~
$ ./dnparsefail 1.2.3.4:34
Port is: 34
$ ./dnparsefail 1.2.3.4:1000000
Port is: 16960
$ ./dnparsefail 1.2.3.4:10000000
Port is: -27008
~*/
	#include <stdio.h>
	#include <string.h>

	/*~ demonstration of unbounded conditions and integer wrap
	bugs in a real networking stack by 0xabad1dea

	dnparse() is taken from the XINU operating system
	http://www.cs.purdue.edu/homes/dec/xlicense.html

	slightly tweaked to compile as a unix userland thing ~*/


	/~ the implementation of this is largely irrelevant and elided here. ~/
	int dot2ip(char* str) {
	return 0xABAD1DEA; }


	/*------------------------------------------------------------------------
	* dnparse - parse foreign address specification; get IP and port #s
	*------------------------------------------------------------------------
	*/
	int dnparse(char* fspec, int* paddr, short* pport)
	{
	int i, byte;
	char ch;

	if (fspec == 0 /~ ANYFPORT ~/) {
	*pport = 0;
	return 1 /~ OK ~/;
	}
	/* parse forms like 192.5.48.30:3 into (ip-address,port) */

	*paddr = dot2ip(fspec);
	fspec = index(fspec, ':');
	if (fspec == 0 \|\| *fspec != ':') {
	return -1 /~ SYSERR ~/; }
	fspec++;
	i = 0;
	while (isdigit(ch = fspec++)) { /~ look here ~ */
	i = 10*i + (ch - '0'); }
	if (i==0 \|\| ch!='\0')
	return -1 /~ SYSERR ~/;
	*pport = i;
	return 1 /~ OK ~/;
	}


	int main(int argc, char *argv[]) {
	if(argc < 2) return -1;

	int address;
	short port = 0;

	/~ pass arg like 1.2.3.4:56 ~/
	dnparse(argv[1], &address, &port);

	printf("Port is: %d\n", (int)port);

	return 0;
	}

	/*~
	$ ./dnparsefail 1.2.3.4:34
	Port is: 34
	$ ./dnparsefail 1.2.3.4:1000000
	Port is: 16960
	$ ./dnparsefail 1.2.3.4:10000000
	Port is: -27008
	~*/