On Sat, Aug 19, 2017 at 04:20:31PM -0500, Kris Katterjohn wrote:
> On Fri, Aug 18, 2017 at 09:24:33AM -0700, Chris Cappuccio wrote:
> > This looks correct. Also, there's more:
>
> Thanks for looking and catching what I missed. It hit me a while after
> I sent my original email that relayd likely has the same bug. D'oh.
>
> Here is an updated patch for httpd, ldapd, relayd, smtpd, switchd and
> ypldap, which all seem to have the off-by-one bug for port number
> checking (where 65535 is unusable and called invalid, at least when
> specifying it as a number). Again, I cannot build and actually test
> this right now.
>
> Cheers,
> Kris Katterjohn
>
ok gilles@
chris, are you taking care of committing this ?
> Index: usr.sbin/httpd/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/httpd/parse.y,v
> retrieving revision 1.91
> diff -u -p -r1.91 parse.y
> --- usr.sbin/httpd/parse.y 11 Aug 2017 18:48:56 -0000 1.91
> +++ usr.sbin/httpd/parse.y 19 Aug 2017 20:15:31 -0000
> @@ -1118,7 +1118,7 @@ medianamesl : numberstring
> {
> ;
>
> port : PORT NUMBER {
> - if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
> + if ($2 <= 0 || $2 > (int)USHRT_MAX) {
> yyerror("invalid port: %lld", $2);
> YYERROR;
> }
> Index: usr.sbin/ldapd/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/ldapd/parse.y,v
> retrieving revision 1.24
> diff -u -p -r1.24 parse.y
> --- usr.sbin/ldapd/parse.y 6 Apr 2017 12:22:32 -0000 1.24
> +++ usr.sbin/ldapd/parse.y 19 Aug 2017 20:15:31 -0000
> @@ -161,7 +161,7 @@ port : PORT STRING {
> free($2);
> }
> | PORT NUMBER {
> - if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
> + if ($2 <= 0 || $2 > (int)USHRT_MAX) {
> yyerror("invalid port: %lld", $2);
> YYERROR;
> }
> Index: usr.sbin/relayd/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
> retrieving revision 1.215
> diff -u -p -r1.215 parse.y
> --- usr.sbin/relayd/parse.y 27 May 2017 08:33:25 -0000 1.215
> +++ usr.sbin/relayd/parse.y 19 Aug 2017 20:15:32 -0000
> @@ -338,7 +338,7 @@ port : PORT STRING {
> free($2);
> }
> | PORT NUMBER {
> - if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
> + if ($2 <= 0 || $2 > (int)USHRT_MAX) {
> yyerror("invalid port: %d", $2);
> YYERROR;
> }
> Index: usr.sbin/smtpd/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/smtpd/parse.y,v
> retrieving revision 1.197
> diff -u -p -r1.197 parse.y
> --- usr.sbin/smtpd/parse.y 11 Jul 2017 06:08:40 -0000 1.197
> +++ usr.sbin/smtpd/parse.y 19 Aug 2017 20:15:33 -0000
> @@ -480,7 +480,7 @@ opt_if_listen : INET4 {
> }
> listen_opts.options |= LO_PORT;
>
> - if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
> + if ($2 <= 0 || $2 > (int)USHRT_MAX) {
> yyerror("invalid port: %" PRId64, $2);
> YYERROR;
> }
> Index: usr.sbin/switchd/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/switchd/parse.y,v
> retrieving revision 1.5
> diff -u -p -r1.5 parse.y
> --- usr.sbin/switchd/parse.y 6 Aug 2017 17:31:19 -0000 1.5
> +++ usr.sbin/switchd/parse.y 19 Aug 2017 20:15:33 -0000
> @@ -144,7 +144,7 @@ listen : LISTEN ON STRING opttls port {
> ;
>
> port : PORT NUMBER {
> - if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
> + if ($2 <= 0 || $2 > (int)USHRT_MAX) {
> yyerror("invalid port: %lld", $2);
> YYERROR;
> }
> Index: usr.sbin/ypldap/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/ypldap/parse.y,v
> retrieving revision 1.22
> diff -u -p -r1.22 parse.y
> --- usr.sbin/ypldap/parse.y 30 May 2017 09:33:31 -0000 1.22
> +++ usr.sbin/ypldap/parse.y 19 Aug 2017 20:15:33 -0000
> @@ -171,7 +171,7 @@ port : PORT STRING
> {
> free($2);
> }
> | PORT NUMBER {
> - if ($2 <= 0 || $2 >= (int)USHRT_MAX) {
> + if ($2 <= 0 || $2 > (int)USHRT_MAX) {
> yyerror("invalid port: %lld", $2);
> YYERROR;
> }
>
--
Gilles Chehade
https://www.poolp.org @poolpOrg
