* #28529: daemon: better validation of port ranges

9a2da0bb · Tristan Matthews · 63c7ba0a · 9a2da0bb · 9a2da0bb
Commit 9a2da0bb authored 11 years ago by Tristan Matthews
--- a/daemon/src/sip/sipaccount.cpp
+++ b/daemon/src/sip/sipaccount.cpp
@@ -66,7 +66,7 @@ const char *const TRUE_STR = "true";
 const char *const FALSE_STR = "false";
 }
-bool SIPAccount::portsInUse_[1 << 16];
+bool SIPAccount::portsInUse_[MAX_PORT];
 SIPAccount::SIPAccount(const std::string& accountID)
    : Account(accountID)
@@ -121,7 +121,7 @@ SIPAccount::SIPAccount(const std::string& accountID)
    , via_addr_()
    , audioPortRange_({16384, 32766})
 #ifdef SFL_VIDEO
-    , videoPortRange_({49152, (1 << 16) - 2})
+    , videoPortRange_({49152, (MAX_PORT) - 2})
 #endif
 {
    via_addr_.host.ptr = 0;
@@ -152,18 +152,23 @@ serializeRange(Conf::MappingNode &accountMap, const char *minKey, const char *ma
    return result;
 }
+void updateRange(int min, int max, std::pair<uint16_t, uint16_t> &range)
+{
+    if (min > 0 and (max > min) and max <= MAX_PORT - 2) {
+        range.first = min;
+        range.second = max;
+    }
+}
 void
 unserializeRange(const Conf::YamlNode &mapNode, const char *minKey, const char *maxKey, std::pair<uint16_t, uint16_t> &range)
 {
-    int tmp = 0;
+    int tmpMin = 0;
-    mapNode.getValue(minKey, &tmp);
+    int tmpMax = 0;
+    mapNode.getValue(minKey, &tmpMin);
-    if (tmp)
+    mapNode.getValue(maxKey, &tmpMax);
-        range.first = tmp;
+    updateRange(tmpMin, tmpMax, range);
-    mapNode.getValue(maxKey, &tmp);
-    if (tmp)
-        range.second = tmp;
 }
 }
@@ -577,19 +582,13 @@ void SIPAccount::setAccountDetails(std::map<std::string, std::string> details)
    userAgent_ = details[CONFIG_ACCOUNT_USERAGENT];
    keepAliveEnabled_ = details[CONFIG_KEEP_ALIVE_ENABLED] == TRUE_STR;
-    int tmp = atoi(details[CONFIG_ACCOUNT_AUDIO_PORT_MIN].c_str());
+    int tmpMin = atoi(details[CONFIG_ACCOUNT_AUDIO_PORT_MIN].c_str());
-    if (tmp > 0)
+    int tmpMax = atoi(details[CONFIG_ACCOUNT_AUDIO_PORT_MAX].c_str());
-        audioPortRange_.first = tmp;
+    updateRange(tmpMin, tmpMax, audioPortRange_);
-    tmp = atoi(details[CONFIG_ACCOUNT_AUDIO_PORT_MAX].c_str());
-    if (tmp > 0)
-        audioPortRange_.second = tmp;
 #ifdef SFL_VIDEO
-    tmp = atoi(details[CONFIG_ACCOUNT_VIDEO_PORT_MIN].c_str());
+    tmpMin = atoi(details[CONFIG_ACCOUNT_VIDEO_PORT_MIN].c_str());
-    if (tmp > 0)
+    tmpMax = atoi(details[CONFIG_ACCOUNT_VIDEO_PORT_MAX].c_str());
-        videoPortRange_.first = tmp;
+    updateRange(tmpMin, tmpMax, videoPortRange_);
-    tmp = atoi(details[CONFIG_ACCOUNT_VIDEO_PORT_MAX].c_str());
-    if (tmp > 0)
-        videoPortRange_.second = tmp;
 #endif
    // srtp settings

--- a/daemon/src/sip/sipaccount.h
+++ b/daemon/src/sip/sipaccount.h
@@ -104,6 +104,7 @@ class SIPVoIPLink;
 * @file sipaccount.h
 * @brief A SIP Account specify SIP specific functions and object = SIPCall/SIPVoIPLink)
 */
+enum {MAX_PORT = 65536};
 class SIPAccount : public Account {
    public:
@@ -788,7 +789,7 @@ class SIPAccount : public Account {
         */
        std::pair<uint16_t, uint16_t> videoPortRange_;
 #endif
-        static bool portsInUse_[1 << 16];
+        static bool portsInUse_[MAX_PORT];
        static uint16_t getRandomEvenNumber(const std::pair<uint16_t, uint16_t> &range);
 };