range check for configuration attribute types
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 20 May 2010 15:35:10 +0000 (17:35 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 20 May 2010 15:35:10 +0000 (17:35 +0200)
src/libhydra/plugins/attr_sql/pool_attributes.c

index 52314aa..7ee2075 100644 (file)
@@ -232,6 +232,12 @@ static bool parse_attributes(char *name, char *value, value_type_t *value_type,
                free(blob->ptr);
                return FALSE;
        }
+       if (*type < 1 || *type > 32767)
+       {
+               fprintf(stderr, "the attribute type must lie in the range 1..32767.\n");
+               free(blob->ptr);
+               return FALSE);
+       }
        if (*value_type == VALUE_NONE)
        {
                *value_type = VALUE_HEX;