- djm@cvs.openbsd.org 2013/07/12 00:19:59
     [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
     [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
diff --git a/mux.c b/mux.c
index 314ee8c..882fa61 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.43 2013/06/05 02:07:29 dtucker Exp $ */
+/* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -630,19 +630,22 @@
 	Forward fwd;
 	char *fwd_desc = NULL;
 	u_int ftype;
+	u_int lport, cport;
 	int i, ret = 0, freefwd = 1;
 
 	fwd.listen_host = fwd.connect_host = NULL;
 	if (buffer_get_int_ret(&ftype, m) != 0 ||
 	    (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+	    buffer_get_int_ret(&lport, m) != 0 ||
 	    (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+	    buffer_get_int_ret(&cport, m) != 0 ||
+	    lport > 65535 || cport > 65535) {
 		error("%s: malformed message", __func__);
 		ret = -1;
 		goto out;
 	}
-
+	fwd.listen_port = lport;
+	fwd.connect_port = cport;
 	if (*fwd.listen_host == '\0') {
 		free(fwd.listen_host);
 		fwd.listen_host = NULL;
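Review bot: The new bound `lport > 65535 || cport > 65535` is folded into the parse-failure condition, so a mux client that sends an out-of-range port is logged as "malformed message" and cannot be told apart from a truncated request; the hunk at -778 has the same shape. These values come from the control socket and are converted when stored in `fwd.listen_port` / `fwd.connect_port` (whose declared type is not shown here), so a separate branch with its own log line, e.g. `error("%s: invalid port (listen %u, connect %u)", __func__, lport, cport);`, would make rejected requests easier to diagnose. A one-line comment above the two assignments, such as `/* ports arrive as u_int on the wire; range-checked above before conversion */`, would also record why the temporaries exist. The enclosing function starts and ends outside the hunk, so any later handling of port 0 cannot be seen from here.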
@@ -778,17 +781,21 @@
 	const char *error_reason = NULL;
 	u_int ftype;
 	int i, listen_port, ret = 0;
+	u_int lport, cport;
 
 	fwd.listen_host = fwd.connect_host = NULL;
 	if (buffer_get_int_ret(&ftype, m) != 0 ||
 	    (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+	    buffer_get_int_ret(&lport, m) != 0 ||
 	    (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+	    buffer_get_int_ret(&cport, m) != 0 ||
+	    lport > 65535 || cport > 65535) {
 		error("%s: malformed message", __func__);
 		ret = -1;
 		goto out;
 	}
+	fwd.listen_port = lport;
+	fwd.connect_port = cport;
 
 	if (*fwd.listen_host == '\0') {
 		free(fwd.listen_host);
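Review bot: The added `u_int lport` sits directly below the existing local `int listen_port`, and the two near-identical names are easy to confuse when reading the rest of the function. A short comment on the new declaration, e.g. `u_int lport, cport;	/* wire values, range-checked before use */`, or a more distinct name such as `wire_lport`, would make clear which one holds the unvalidated value from the mux client. How `listen_port` is used lies outside the hunk, as do the function's start and end.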