Code

be more diligent in checking the input arguments for rrdtool update and complain...
authoroetiker <oetiker@a5681a0c-68f1-0310-ab6d-d61299d08faa>
Mon, 16 Nov 2009 14:59:51 +0000 (14:59 +0000)
committeroetiker <oetiker@a5681a0c-68f1-0310-ab6d-d61299d08faa>
Mon, 16 Nov 2009 14:59:51 +0000 (14:59 +0000)
--This line, and those below, will be ignored-

M    trunk/program/src/rrd_update.c
M    branches/1.3/program/src/rrd_update.c

git-svn-id: svn://svn.oetiker.ch/rrdtool/trunk@1973 a5681a0c-68f1-0310-ab6d-d61299d08faa

program/src/rrd_update.c

index a6a0435c3f954c4dc0bf174f11f8adbfa83de5c0..9526ec2d954b9ce9eb14eca64aaa57bab2eb6941 100644 (file)
@@ -905,12 +905,16 @@ static int parse_ds(
             if (i < tmpl_cnt) {
                 updvals[tmpl_idx[i++]] = p + 1;
             }
+            else {
+                rrd_set_error("found extra data on update argument: %s",p+1);
+                return -1;
+            }                
         }
     }
 
     if (i != tmpl_cnt) {
         rrd_set_error("expected %lu data source readings (got %lu) from %s",
-                      tmpl_cnt - 1, i, input);
+                      tmpl_cnt - 1, i - 1, input);
         return -1;
     }
 
@@ -1039,10 +1043,20 @@ static int update_pdp_prep(
             switch (dst_idx) {
             case DST_COUNTER:
             case DST_DERIVE:
-                for (ii = 0; updvals[ds_idx + 1][ii] != '\0'; ii++) {
-                    if ((updvals[ds_idx + 1][ii] < '0'
-                         || updvals[ds_idx + 1][ii] > '9')
-                        && (ii != 0 && updvals[ds_idx + 1][ii] != '-')) {
+                if ( (   updvals[ds_idx + 1][0] < '0'
+                      || updvals[ds_idx + 1][0] > '9' )
+                     && updvals[ds_idx + 1][0] != '-'
+                     && updvals[ds_idx + 1][0] != 'U'
+                     && updvals[ds_idx + 1][0] == '\0'
+                   ) {
+                    rrd_set_error("not a simple integer: '%s'",
+                                  updvals[ds_idx + 1]);
+                    return -1;
+                }
+                for (ii = 1; updvals[ds_idx + 1][ii] != '\0'; ii++) {
+                    if (    updvals[ds_idx + 1][ii] < '0'
+                         || updvals[ds_idx + 1][ii] > '9'
+                       ) {
                         rrd_set_error("not a simple integer: '%s'",
                                       updvals[ds_idx + 1]);
                         return -1;