[X2Go-Commits] [x2goserver] 23/27: x2goserver/lib/x2gogetfreeport: check start and end paramters in a stricter fashion.

git-admin at x2go.org git-admin at x2go.org
Wed Jan 10 00:17:59 CET 2018


This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch release/4.0.1.x
in repository x2goserver.

commit 1ec6d633b3cdcac3e31bacbe59072065b58be518
Author: Mihai Moldovan <ionic at ionic.de>
Date:   Mon Jan 8 06:13:20 2018 +0100

    x2goserver/lib/x2gogetfreeport: check start and end paramters in a stricter fashion.
---
 debian/changelog               | 2 ++
 x2goserver/lib/x2gogetfreeport | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 7aa2289..e8bcc61 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -70,6 +70,8 @@ x2goserver (4.0.1.23-0x2go1) UNRELEASED; urgency=medium
       shift parameter sanitization failure codes up.
     - x2goserver/lib: new script x2gocheckport, containing common
       functionality for port checking. Duplicated code will be deleted next.
+    - x2goserver/lib/x2gogetfreeport: check start and end paramters in a
+      stricter fashion.
   * x2goserver.spec:
     - RPMify x2goserver-xsession description.
     - Remove qt4 stuff, we're not using the framework here.
diff --git a/x2goserver/lib/x2gogetfreeport b/x2goserver/lib/x2gogetfreeport
index 705ac61..1a80c73 100755
--- a/x2goserver/lib/x2gogetfreeport
+++ b/x2goserver/lib/x2gogetfreeport
@@ -40,10 +40,10 @@ if [[ -z "${ss}" ]] || [[ "${ss}" =~ ${empty_regex} ]]; then
 fi
 typeset -i start_i="${start}"
 typeset -i end_i="${end}"
-if [[ -z "${start}" ]] || [[ "${start}" != "${start_i}" ]] || [[ "${start}" -ne "${start_i}" ]]; then
+if [[ -z "${start}" ]] || [[ "${start}" != "${start_i}" ]] || [[ "${start}" -ne "${start_i}" ]] || [[ "${start_i}" -lt '0' ]] || [[ "${start_i}" -gt '65535' ]]; then
 	exit '3'
 fi
-if [[ -z "${end}" ]] || [[ "${end}" != "${end_i}" ]] || [[ "${end}" -ne "${end_i}" ]]; then
+if [[ -z "${end}" ]] || [[ "${end}" != "${end_i}" ]] || [[ "${end}" -ne "${end_i}" ]] || [[ "${end_i}" -lt "${start_i}" ]] || [[ "${end_i}" -gt '65535' ]]; then
 	exit '4'
 fi
 [[ "${type}" != 'lowlevel' ]] && [[ "${type}" != 'display' ]] && exit '5'

--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goserver.git


More information about the x2go-commits mailing list