From 7d77b84dbba2bb7230ae76a26335d89b2dc7604a Mon Sep 17 00:00:00 2001 From: Florian Forster Date: Sat, 8 Nov 2008 16:02:30 +0100 Subject: [PATCH] mysql plugin: Be more careful when parsing the `Port' argument. --- src/mysql.c | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/src/mysql.c b/src/mysql.c index 08df3fa8..323154f8 100644 --- a/src/mysql.c +++ b/src/mysql.c @@ -49,7 +49,7 @@ static char *user; static char *pass; static char *db = NULL; static char *socket = NULL; -static int port = 0; +static int port = 0; static MYSQL *getconnection (void) { @@ -120,10 +120,32 @@ static int config (const char *key, const char *value) else if (strcasecmp (key, "socket") == 0) return ((socket = strdup (value)) == NULL ? 1 : 0); else if (strcasecmp (key, "port") == 0) - return ((port = atoi (value)) == NULL ? 1 : 0); + { + char *endptr = NULL; + int temp; + + errno = 0; + temp = strtol (value, $endptr, 0); + if ((errno != 0) || (value == endptr)) + { + ERROR ("mysql plugin: Invalid \"Port\" argument: %s", + value); + port = 0; + return (1); + } + else if ((temp < 0) || (temp >= 65535)) + { + ERROR ("mysql plugin: Port number out of range: %i", + temp); + port = 0; + return (1); + } + + port = temp; + } else return (-1); -} +} /* int config */ static void counter_submit (const char *type, const char *type_instance, counter_t value) -- 2.30.2