Blob Blame Raw
From 3256b93ee3025bf76757001ff3d24914c4c4af28 Mon Sep 17 00:00:00 2001
From: Adheer Chandravanshi <adheer.chandravanshi@qlogic.com>
Date: Tue, 9 Jul 2013 08:17:14 -0400
Subject: [PATCH] iscsiadm: Correctly check for invalid hostno and flashnode
 index

In host mode, correctly compare for invalid hostno and flashnode index.

Signed-off-by: Adheer Chandravanshi <adheer.chandravanshi@qlogic.com>
Signed-off-by: Vikas Chaudhary <vikas.chaudhary@qlogic.com>
---
 usr/flashnode.h |  2 ++
 usr/host.h      |  2 ++
 usr/iscsiadm.c  | 48 ++++++++++++++++++++++++++++++------------------
 usr/types.h     |  1 +
 4 files changed, 35 insertions(+), 18 deletions(-)

diff --git a/usr/flashnode.h b/usr/flashnode.h
index c1de9cc..2950fb5 100644
--- a/usr/flashnode.h
+++ b/usr/flashnode.h
@@ -26,6 +26,8 @@
 #include "config.h"
 #include "auth.h"
 
+#define MAX_FLASHNODE_IDX UINT_MAX
+
 typedef enum portal_type {
 	IPV4,
 	IPV6,
diff --git a/usr/host.h b/usr/host.h
index 894ab91..db44cfa 100644
--- a/usr/host.h
+++ b/usr/host.h
@@ -5,6 +5,8 @@
 #include "types.h"
 #include "config.h"
 
+#define MAX_HOST_NO UINT_MAX
+
 #define MAX_CHAP_BUF_SZ 4096
 #define REQ_CHAP_BUF_SZ (MAX_CHAP_BUF_SZ + sizeof(struct iscsi_uevent))
 
diff --git a/usr/iscsiadm.c b/usr/iscsiadm.c
index da0a3ec..c7337ae 100644
--- a/usr/iscsiadm.c
+++ b/usr/iscsiadm.c
@@ -1744,20 +1744,22 @@ exit_logout_sid:
 }
 
 static int exec_flashnode_op(int op, int info_level, uint32_t host_no,
-			     uint32_t flashnode_idx, int type,
+			     uint64_t fnode_idx, int type,
 			     struct list_head *params)
 {
 	struct iscsi_transport *t = NULL;
 	int rc = ISCSI_SUCCESS;
 	char *portal_type;
+	uint32_t flashnode_idx;
 
 	if (op != OP_SHOW && op != OP_NOOP && op != OP_NEW &&
-	    flashnode_idx == 0xffffffff) {
+	    fnode_idx > MAX_FLASHNODE_IDX) {
 		log_error("Invalid flashnode index");
 		rc = ISCSI_ERR_INVAL;
 		goto exit_flashnode_op;
 	}
 
+	flashnode_idx = (uint32_t)fnode_idx;
 	t = iscsi_sysfs_get_transport_by_hba(host_no);
 	if (!t) {
 		log_error("Could not match hostno %u to transport.", host_no);
@@ -1768,7 +1770,7 @@ static int exec_flashnode_op(int op, int info_level, uint32_t host_no,
 	switch (op) {
 	case OP_NOOP:
 	case OP_SHOW:
-		if (flashnode_idx == 0xffffffff)
+		if (fnode_idx > MAX_FLASHNODE_IDX)
 			rc = list_flashnodes(info_level, host_no);
 		else
 			rc = get_flashnode_info(host_no, flashnode_idx);
@@ -1880,7 +1882,7 @@ static int verify_iface_params(struct list_head *params, struct node_rec *rec)
 
 /* TODO: merge iter helpers and clean them up, so we can use them here */
 static int exec_iface_op(int op, int do_show, int info_level,
-			 struct iface_rec *iface, uint32_t host_no,
+			 struct iface_rec *iface, uint64_t host_no,
 			 struct list_head *params)
 {
 	struct host_info hinfo;
@@ -2001,9 +2003,9 @@ update_fail:
 		printf("%s applied.\n", iface->name);
 		break;
 	case OP_APPLY_ALL:
-		if (host_no == -1) {
-			log_error("Applyall requires a host number or MAC "
-				  "passed in with the --host argument.");
+		if (host_no > MAX_HOST_NO) {
+			log_error("Applyall requires a valid host number or MAC"
+				  " passed in with the --host argument.");
 			rc = ISCSI_ERR_INVAL;
 			break;
 		}
@@ -2014,7 +2016,7 @@ update_fail:
 		memset(&hinfo, 0, sizeof(struct host_info));
 		hinfo.host_no = host_no;
 		if (iscsi_sysfs_get_hostinfo_by_host_no(&hinfo)) {
-			log_error("Could not match host%u to ifaces.", host_no);
+			log_error("Could not match host%lu to ifaces.", host_no);
 			rc = ISCSI_ERR_INVAL;
 			break;
 		}
@@ -2025,7 +2027,7 @@ update_fail:
 			break;
 		}
 
-		printf("Applied settings to ifaces attached to host%u.\n",
+		printf("Applied settings to ifaces attached to host%lu.\n",
 		       host_no);
 		break;
 	default:
@@ -2637,10 +2639,10 @@ done:
 	return rc;
 }
 
-static uint32_t parse_host_info(char *optarg, int *rc)
+static uint64_t parse_host_info(char *optarg, int *rc)
 {
 	int err = 0;
-	uint32_t host_no = -1;
+	uint64_t host_no;
 
 	*rc = 0;
 	if (strstr(optarg, ":")) {
@@ -2653,8 +2655,11 @@ static uint32_t parse_host_info(char *optarg, int *rc)
 			*rc = ISCSI_ERR_INVAL;
 		}
 	} else {
-		host_no = strtoul(optarg, NULL, 10);
-		if (errno) {
+		host_no = strtoull(optarg, NULL, 10);
+		if (errno || (host_no > MAX_HOST_NO)) {
+			if (host_no > MAX_HOST_NO)
+				errno = ERANGE;
+
 			log_error("Invalid host no %s. %s.",
 				  optarg, strerror(errno));
 			*rc = ISCSI_ERR_INVAL;
@@ -2806,13 +2811,14 @@ main(int argc, char **argv)
 	int tpgt = PORTAL_GROUP_TAG_UNKNOWN, killiscsid=-1, do_show=0;
 	int packet_size=32, ping_count=1, ping_interval=0;
 	int do_discover = 0, sub_mode = -1;
-	int flashnode_idx = -1, portal_type = -1;
+	int portal_type = -1;
 	struct sigaction sa_old;
 	struct sigaction sa_new;
 	struct list_head ifaces;
 	struct iface_rec *iface = NULL, *tmp;
 	struct node_rec *rec = NULL;
-	uint32_t host_no = -1;
+	uint64_t host_no =  (uint64_t)MAX_HOST_NO + 1;
+	uint64_t flashnode_idx = (uint64_t)MAX_FLASHNODE_IDX + 1;
 	struct user_param *param;
 	struct list_head params;
 
@@ -2956,7 +2962,13 @@ main(int argc, char **argv)
 				ISCSI_VERSION_STR);
 			return 0;
 		case 'x':
-			flashnode_idx = atoi(optarg);
+			flashnode_idx = strtoull(optarg, NULL, 10);
+			if (errno) {
+				log_error("Invalid flashnode index %s. %s.",
+					  optarg, strerror(errno));
+				rc = ISCSI_ERR_INVAL;
+				goto free_ifaces;
+			}
 			break;
 		case 'A':
 			portal_type = str_to_portal_type(optarg);
@@ -3022,7 +3034,7 @@ main(int argc, char **argv)
 		if (sub_mode != -1) {
 			switch (sub_mode) {
 			case MODE_CHAP:
-				if (!op || !host_no) {
+				if (!op || (host_no > MAX_HOST_NO)) {
 					log_error("CHAP mode requires host "
 						"no and valid operation");
 					rc = ISCSI_ERR_INVAL;
@@ -3032,7 +3044,7 @@ main(int argc, char **argv)
 						       value);
 				break;
 			case MODE_FLASHNODE:
-				if (!host_no) {
+				if (host_no > MAX_HOST_NO) {
 					log_error("FLASHNODE mode requires host no");
 					rc = ISCSI_ERR_INVAL;
 					break;
diff --git a/usr/types.h b/usr/types.h
index 77e3f97..9d9ba86 100644
--- a/usr/types.h
+++ b/usr/types.h
@@ -10,6 +10,7 @@
 #include <netinet/in.h>
 #include <stdint.h>
 #include <sys/types.h>
+#include <limits.h>
 
 /*
  * using the __be types allows stricter static
-- 
1.8.3.1