X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=conffile.c;h=565e37ff9b8ed608ea867106aaebc17156d3b8f9;hp=90235290fb03a72b436524892c28240fa2f82186;hb=0009e60a914ef5239ba2f8cc19e07ab5368e49b1;hpb=08ee90a207d1a9c0b3e34d1db06cd7502ad48990

diff --git a/conffile.c b/conffile.c
index 9023529..565e37f 100644
--- a/conffile.c
+++ b/conffile.c
@@ -3,10 +3,13 @@
 /* #define DUMP_PARSE_TREE */
 
 #include "secnet.h"
+#include <assert.h>
+#include <limits.h>
 #include <stdio.h>
 #include <string.h>
 #include "conffile.h"
 #include "conffile_internal.h"
+#include "conffile.yy.h"
 #include "util.h"
 #include "ipaddr.h"
 
@@ -194,6 +197,7 @@ static void ptree_dump(struct p_node *n, uint32_t d)
 	default:       printf("**unknown primitive type**\n"); break;
 	}
     } else {
+	assert(d<INT_MAX);
 	printf("%s: (%s line %d)\n",ntype(n->type),n->loc.file,n->loc.line);
 	ptree_indent(d);
 	printf("  |-");	ptree_dump(n->l, d+1);
@@ -561,7 +565,7 @@ uint32_t list_length(list_t *a)
 {
     uint32_t l=0;
     list_t *i;
-    for (i=a; i; i=i->next) l++;
+    for (i=a; i; i=i->next) { assert(l < INT_MAX); l++; }
     return l;
 }
 
@@ -684,6 +688,9 @@ string_t dict_read_string(dict_t *dict, cstring_t key, bool_t required,
     if (i->type!=t_string) {
 	cfgfatal(loc,desc,"\"%s\" must be a string\n",key);
     }
+    if (strlen(i->data.string) > INT_MAX/10) {
+	cfgfatal(loc,desc,"\"%s\" is unreasonably long\n",key);
+    }
     r=i->data.string;
     return r;
 }
@@ -699,6 +706,9 @@ uint32_t dict_read_number(dict_t *dict, cstring_t key, bool_t required,
     if (i->type!=t_number) {
 	cfgfatal(loc,desc,"\"%s\" must be a number\n",key);
     }
+    if (i->data.number >= 0x80000000) {
+        cfgfatal(loc,desc,"\"%s\" must fit into a 32-bit signed integer\n",key);
+    }
     r=i->data.number;
     return r;
 }