[PATCH v2] Ntpd config file support
Isaac Dunham
ibid.ag at gmail.com
Sat Mar 22 22:46:44 UTC 2014
On Sat, Mar 22, 2014 at 08:40:48PM +0100, Harald Becker wrote:
> Hi Isaac !
>
> Your program will fail on lines starting with the word server
> (eg. serverxyz), that is it does not check for clear word
> boundary and gives wrong results in that case.
...which are not legitimate entries in ntp.conf.
My aim is to parse a correct ntp.conf, and not cause security problems
on incorrect ones.
> >while (cbuf[i] > 35) i++;
>
> Unwise to do this in a not poor ASCII environment, as most
> systems are nowadays. This way you allow unprintable and any
> kind of illegal characters in time server addresses.
Fixing.
The fix expects chars exclusively in the set [-.:0-9a-zA-Z], which all
valid hostnames and IP addresses (ipv4/ipv6) have.
>... and what
> about buffer overflow? Won't this loop then run to unknown
> locations?
Not possible. i is size_t, and getline() is _always_ \0 terminated.
However, the previous loop did have a potential buffer overrun if the
line ended prematurely:
server \n\0 would result in it walking over the end and writing 0 to the
first character less than 36 after a sequence of chars greater than
35 ('#')...
> Beside this: Make it a default NO configuration, not being
> included in binaries build from standard options.
OK.
(Denys gets the final say on that, though.)
Here's a version that has the issues mentioned fixed, and removes the 10
byte overhead.
It accepts "peer" as well as "server", and runs 320 bytes.
Thanks,
Isaac Dunham
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ntpd-parse-etc-ntp.conf.patch
Type: text/x-diff
Size: 3492 bytes
Desc: not available
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20140322/d1b277f4/attachment-0001.bin>
More information about the busybox
mailing list