diff -uw ucspi-tcp-0.88-original/tcpclient.c ucspi-tcp-0.88/tcpclient.c --- ucspi-tcp-0.88-original/tcpclient.c 2000-03-18 15:18:42.000000000 +0000 +++ ucspi-tcp-0.88/tcpclient.c 2004-11-12 17:25:50.000000000 +0000 @@ -65,6 +65,17 @@ char seed[128]; +static +void +optarg_num ( unsigned long * u ) +{ + unsigned int pos ; + pos = scan_ulong(optarg,u); + if (0 == pos || optarg[pos]) + strerr_die3x(111,FATAL, optarg, " is not a number"); +} + +int main(int argc,char **argv) { unsigned long u; @@ -92,13 +103,20 @@ case 'h': flagremotehost = 1; break; case 'R': flagremoteinfo = 0; break; case 'r': flagremoteinfo = 1; break; - case 't': scan_ulong(optarg,&itimeout); break; + case 't': optarg_num(&itimeout); break; case 'T': j = scan_ulong(optarg,&ctimeout[0]); - if (optarg[j] == '+') ++j; - scan_ulong(optarg + j,&ctimeout[1]); + if (optarg[j] == '+') { + unsigned int k ; + ++j; + k = scan_ulong(optarg + j,&ctimeout[1]); + if (0 == k || optarg[j + k]) strerr_die3x(111,FATAL, optarg + j, " is not a number"); + } else + if (0 == j || optarg[j]) strerr_die3x(111,FATAL, optarg, " is not a number"); + break; + case 'i': j = ip4_scan(optarg,iplocal); + if (0 == j || optarg[j]) strerr_die3x(111,FATAL, optarg, " is not an IP address"); break; - case 'i': if (!ip4_scan(optarg,iplocal)) usage(); break; - case 'p': scan_ulong(optarg,&u); portlocal = u; break; + case 'p': optarg_num(&u); portlocal = u; break; default: usage(); } argv += optind; diff -uw ucspi-tcp-0.88-original/tcpserver.c ucspi-tcp-0.88/tcpserver.c --- ucspi-tcp-0.88-original/tcpserver.c 2000-03-18 15:18:42.000000000 +0000 +++ ucspi-tcp-0.88/tcpserver.c 2004-11-12 17:25:56.000000000 +0000 @@ -289,6 +289,17 @@ } } +static +void +optarg_num ( unsigned long * u ) +{ + unsigned int pos ; + pos = scan_ulong(optarg,u); + if (0 == pos || optarg[pos]) + strerr_die3x(111,FATAL, optarg, " is not a number"); +} + +int main(int argc,char **argv) { char *hostname; @@ -302,8 +313,8 @@ while ((opt = getopt(argc,argv,"dDvqQhHrR1UXx:t:u:g:l:b:B:c:pPoO")) != opteof) switch(opt) { - case 'b': scan_ulong(optarg,&backlog); break; - case 'c': scan_ulong(optarg,&limit); break; + case 'b': optarg_num(&backlog); break; + case 'c': optarg_num(&limit); break ; case 'X': flagallownorules = 1; break; case 'x': fnrules = optarg; break; case 'B': banner = optarg; break; @@ -320,11 +331,11 @@ case 'h': flagremotehost = 1; break; case 'R': flagremoteinfo = 0; break; case 'r': flagremoteinfo = 1; break; - case 't': scan_ulong(optarg,&timeout); break; + case 't': optarg_num(&timeout); break; case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid); x = env_get("GID"); if (x) scan_ulong(x,&gid); break; - case 'u': scan_ulong(optarg,&uid); break; - case 'g': scan_ulong(optarg,&gid); break; + case 'u': optarg_num(&uid); break; + case 'g': optarg_num(&gid); break; case '1': flag1 = 1; break; case 'l': localhost = optarg; break; default: usage();