Thu Jun 8 11:12:22 2023 UTC ()
Pull up following revision(s) (requested by oster in ticket #194):

	usr.sbin/wgconfig/wgconfig.c: revision 1.6

Don't allow "wgconfig add peer ..." to accept invalid options.

Addresses PR bin/57392.


(martin)
diff -r1.5 -r1.5.6.1 src/usr.sbin/wgconfig/wgconfig.c


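--- a/src/usr.sbin/wgconfig/wgconfig.c
+++ b/src/usr.sbin/wgconfig/wgconfig.c
@@ -1,14 +1,14 @@
-/* $NetBSD: wgconfig.c,v 1.5 2020/08/28 17:17:53 tih Exp $ */
+/* $NetBSD: wgconfig.c,v 1.5.6.1 2023/06/08 11:12:22 martin Exp $ */
 
 /*
  * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  * notice, this list of conditions and the following disclaimer in the
  * documentation and/or other materials provided with the distribution.
@@ -20,27 +20,27 @@
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: wgconfig.c,v 1.5 2020/08/28 17:17:53 tih Exp $");
+__RCSID("$NetBSD: wgconfig.c,v 1.5.6.1 2023/06/08 11:12:22 martin Exp $");
 
 #include <sys/ioctl.h>
 
 #include <net/if.h>
 #include <net/if_wg.h>
 
 #include <arpa/inet.h>
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <err.h>
 #include <unistd.h>
@@ -670,34 +670,38 @@ static const struct option {
  const char *option;
  void (*func)(const char *, prop_dictionary_t);
 } options[] = {
  {"--endpoint=", handle_option_endpoint},
  {"--allowed-ips=", handle_option_allowed_ips},
  {"--preshared-key=", handle_option_preshared_key},
 };
 
 static void
 handle_options(int argc, char *argv[], prop_dictionary_t prop_dict)
 {
 
  while (argc > 0) {
+ int found = 0;
  for (size_t i = 0; i < __arraycount(options); i++) {
  const struct option *opt = &options[i];
  size_t optlen = strlen(opt->option);
  if (strncmp(argv[0], opt->option, optlen) == 0) {
  opt->func(argv[0] + optlen, prop_dict);
+ found = 1;
  break;
  }
  }
+ if (found == 0)
+ errx(EXIT_FAILURE, "invalid option: %s", argv[0]);
  argc -= 1;
  argv += 1;
  }
 
  if (argc != 0)
  usage();
 }
 
 static int
 cmd_add_peer(const char *interface, int argc, char *argv[])
 {
  const char *name;
  unsigned char keybuf[KEY_LEN];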
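Review bot: The new `found` check in handle_options rejects unknown option names, but matching is still prefix-only, so a bare `--preshared-key=` or `--allowed-ips=` with nothing after the `=` counts as found and its handler is called with an empty string. Whether the handlers reject an empty value is not visible in this hunk; if they do not, a guard such as `if (argv[0][optlen] == '\0') errx(EXIT_FAILURE, "missing value: %s", argv[0]);` before `opt->func(...)` would stop a peer from being added without a setting the operator believed was applied. A short comment above the `errx` call, e.g. `/* fail closed: an ignored typo would add the peer without the intended key or allowed-ips */`, would record why an unknown option is fatal rather than a warning. The trailing `if (argc != 0) usage();` cannot fire after a `while (argc > 0)` loop unless argc arrives negative, so it could be dropped in a follow-up; cmd_add_peer's body continues outside the hunk.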