diff options
| -rw-r--r-- | usr.sbin/hostapd/apme.c | 32 | ||||
| -rw-r--r-- | usr.sbin/hostapd/handle.c | 5 | ||||
| -rw-r--r-- | usr.sbin/hostapd/hostapd.c | 35 | ||||
| -rw-r--r-- | usr.sbin/hostapd/iapp.c | 6 | ||||
| -rw-r--r-- | usr.sbin/hostapd/llc.c | 4 | ||||
| -rw-r--r-- | usr.sbin/hostapd/parse.y | 20 | ||||
| -rw-r--r-- | usr.sbin/hostapd/privsep.c | 32 | ||||
| -rw-r--r-- | usr.sbin/hostapd/roaming.c | 15 |
8 files changed, 89 insertions, 60 deletions
diff --git a/usr.sbin/hostapd/apme.c b/usr.sbin/hostapd/apme.c index 34d63ff7d4f..33ef473dcbe 100644 --- a/usr.sbin/hostapd/apme.c +++ b/usr.sbin/hostapd/apme.c @@ -1,4 +1,4 @@ -/* $OpenBSD: apme.c,v 1.14 2006/12/31 03:25:58 reyk Exp $ */ +/* $OpenBSD: apme.c,v 1.15 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2004, 2005 Reyk Floeter <reyk@openbsd.org> @@ -58,8 +58,12 @@ hostapd_apme_add(struct hostapd_config *cfg, const char *name) if ((apme = (struct hostapd_apme *) calloc(1, sizeof(struct hostapd_apme))) == NULL) return (ENOMEM); + if (strlcpy(apme->a_iface, name, sizeof(apme->a_iface)) >= + sizeof(apme->a_iface)) { + free(apme); + return (EINVAL); + } - strlcpy(apme->a_iface, name, sizeof(apme->a_iface)); apme->a_cfg = cfg; apme->a_chanavail = NULL; @@ -133,7 +137,7 @@ hostapd_apme_addhopper(struct hostapd_config *cfg, const char *name) return (NULL); memset(apme->a_chanavail, 0xff, apme->a_maxchan * sizeof(u_int8_t)); - strlcpy(apme->a_chanreq.i_name, apme->a_iface, IFNAMSIZ); + (void)strlcpy(apme->a_chanreq.i_name, apme->a_iface, IFNAMSIZ); return (apme); } @@ -150,7 +154,8 @@ hostapd_apme_sethopper(struct hostapd_apme *apme, int now) if (!evtimer_initialized(&apme->a_chanev)) evtimer_set(&apme->a_chanev, hostapd_apme_hopper, apme); - evtimer_add(&apme->a_chanev, &tv); + if (evtimer_add(&apme->a_chanev, &tv) == -1) + hostapd_fatal("failed to add hopper event"); } void @@ -191,14 +196,16 @@ hostapd_apme_term(struct hostapd_apme *apme) /* Remove the channel hopper, if active */ if (apme->a_chanavail != NULL) { - event_del(&apme->a_chanev); + (void)event_del(&apme->a_chanev); free(apme->a_chanavail); apme->a_chanavail = NULL; } /* Kick a specified Host AP interface */ - event_del(&apme->a_ev); - close(apme->a_raw); + (void)event_del(&apme->a_ev); + if (close(apme->a_raw)) + hostapd_fatal("failed to close: %s\n", + strerror(errno)); TAILQ_REMOVE(&cfg->c_apmes, apme, a_entries); @@ -393,16 +400,15 @@ hostapd_apme_frame(struct hostapd_apme *apme, u_int8_t *buf, u_int len) if (apme == other_apme) continue; if (iapp->i_flags & HOSTAPD_IAPP_F_ROAMING) - hostapd_roaming_del(other_apme, &node); + (void)hostapd_roaming_del(other_apme, &node); if (hostapd_apme_delnode(other_apme, &node) == 0) cfg->c_stats.cn_tx_apme++; } if (iapp->i_flags & HOSTAPD_IAPP_F_ROAMING) - hostapd_roaming_add(apme, &node); - - hostapd_iapp_add_notify(apme, &node); + (void)hostapd_roaming_add(apme, &node); + (void)hostapd_iapp_add_notify(apme, &node); } void @@ -425,10 +431,10 @@ hostapd_apme_init(struct hostapd_apme *apme) "%s\n", apme->a_iface, strerror(errno)); bzero(&ifr, sizeof(struct ifreq)); - strlcpy(ifr.ifr_name, apme->a_iface, sizeof(ifr.ifr_name)); + (void)strlcpy(ifr.ifr_name, apme->a_iface, sizeof(ifr.ifr_name)); /* This may fail, ignore it */ - ioctl(apme->a_raw, BIOCPROMISC, NULL); + (void)ioctl(apme->a_raw, BIOCPROMISC, NULL); /* Associate the wireless network interface to the BPF descriptor */ if (ioctl(apme->a_raw, BIOCSETIF, &ifr) == -1) diff --git a/usr.sbin/hostapd/handle.c b/usr.sbin/hostapd/handle.c index 58c3477b58a..052d97adb1f 100644 --- a/usr.sbin/hostapd/handle.c +++ b/usr.sbin/hostapd/handle.c @@ -1,4 +1,4 @@ -/* $OpenBSD: handle.c,v 1.10 2006/06/27 18:14:59 reyk Exp $ */ +/* $OpenBSD: handle.c,v 1.11 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2005, 2006 Reyk Floeter <reyk@openbsd.org> @@ -126,7 +126,8 @@ hostapd_handle_frame(struct hostapd_apme *apme, struct hostapd_frame *frame, flags = frame->f_flags; /* Get timestamp */ - gettimeofday(&t_now, NULL); + if (gettimeofday(&t_now, NULL) == -1) + hostapd_fatal("gettimeofday"); /* Handle optional limit */ if (frame->f_limit.tv_sec || frame->f_limit.tv_usec) { diff --git a/usr.sbin/hostapd/hostapd.c b/usr.sbin/hostapd/hostapd.c index 75142247bab..279cb486874 100644 --- a/usr.sbin/hostapd/hostapd.c +++ b/usr.sbin/hostapd/hostapd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostapd.c,v 1.30 2006/09/28 17:43:42 reyk Exp $ */ +/* $OpenBSD: hostapd.c,v 1.31 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2004, 2005 Reyk Floeter <reyk@openbsd.org> @@ -228,7 +228,7 @@ hostapd_udp_init(struct hostapd_config *cfg) cfg->c_flags |= HOSTAPD_CFG_F_UDP; - strlcpy(ifr.ifr_name, iapp->i_iface, sizeof(ifr.ifr_name)); + (void)strlcpy(ifr.ifr_name, iapp->i_iface, sizeof(ifr.ifr_name)); if (ioctl(iapp->i_udp, SIOCGIFADDR, &ifr) == -1) hostapd_fatal("UDP ioctl %s on \"%s\" failed: %s\n", @@ -320,7 +320,7 @@ hostapd_sig_handler(int sig) case SIGTERM: case SIGQUIT: case SIGINT: - event_loopexit(&tv); + (void)event_loopexit(&tv); } } @@ -390,7 +390,7 @@ main(int argc, char *argv[]) struct hostapd_iapp *iapp; struct hostapd_apme *apme; char *config = NULL; - u_int debug = 0; + u_int debug = 0, ret; int ch; /* Set startup logging */ @@ -421,9 +421,11 @@ main(int argc, char *argv[]) } if (config == NULL) - strlcpy(cfg->c_config, HOSTAPD_CONFIG, sizeof(cfg->c_config)); + ret = strlcpy(cfg->c_config, HOSTAPD_CONFIG, sizeof(cfg->c_config)); else - strlcpy(cfg->c_config, config, sizeof(cfg->c_config)); + ret = strlcpy(cfg->c_config, config, sizeof(cfg->c_config)); + if (ret >= sizeof(cfg->c_config)) + hostapd_fatal("invalid configuration file\n"); if (geteuid()) hostapd_fatal("need root privileges\n"); @@ -452,7 +454,8 @@ main(int argc, char *argv[]) if ((cfg->c_debug = debug) == 0) { openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON); tzset(); - daemon(0, 0); + if (daemon(0, 0) == -1) + hostapd_fatal("failed to daemonize\n"); } if (cfg->c_flags & HOSTAPD_CFG_F_APME) { @@ -474,7 +477,7 @@ main(int argc, char *argv[]) * Unprivileged child process */ - event_init(); + (void)event_init(); /* * Set signal handlers @@ -496,7 +499,8 @@ main(int argc, char *argv[]) TAILQ_FOREACH(apme, &cfg->c_apmes, a_entries) { event_set(&apme->a_ev, apme->a_raw, EV_READ | EV_PERSIST, hostapd_apme_input, apme); - event_add(&apme->a_ev, NULL); + if (event_add(&apme->a_ev, NULL) == -1) + hostapd_fatal("failed to add APME event"); } } @@ -505,13 +509,15 @@ main(int argc, char *argv[]) */ event_set(&iapp->i_udp_ev, iapp->i_udp, EV_READ | EV_PERSIST, hostapd_iapp_input, cfg); - event_add(&iapp->i_udp_ev, NULL); + if (event_add(&iapp->i_udp_ev, NULL) == -1) + hostapd_fatal("failed to add IAPP event"); hostapd_log(HOSTAPD_LOG, "starting hostapd with pid %u", getpid()); /* Run event loop */ - event_dispatch(); + if (event_dispatch() == -1) + hostapd_fatal("failed to dispatch hostapd"); /* Executed after the event loop has been terminated */ hostapd_cleanup(cfg); @@ -542,8 +548,11 @@ hostapd_table_add(struct hostapd_config *cfg, const char *name) if ((table = (struct hostapd_table *) calloc(1, sizeof(struct hostapd_table))) == NULL) return (NULL); - - strlcpy(table->t_name, name, sizeof(table->t_name)); + if (strlcpy(table->t_name, name, sizeof(table->t_name)) >= + sizeof(table->t_name)) { + free(table); + return (NULL); + } RB_INIT(&table->t_tree); TAILQ_INIT(&table->t_mask_head); TAILQ_INSERT_TAIL(&cfg->c_tables, table, t_entries); diff --git a/usr.sbin/hostapd/iapp.c b/usr.sbin/hostapd/iapp.c index 2df08096208..9354e5e9079 100644 --- a/usr.sbin/hostapd/iapp.c +++ b/usr.sbin/hostapd/iapp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: iapp.c,v 1.16 2006/06/01 22:09:09 reyk Exp $ */ +/* $OpenBSD: iapp.c,v 1.17 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2004, 2005 Reyk Floeter <reyk@openbsd.org> @@ -60,7 +60,7 @@ hostapd_iapp_init(struct hostapd_config *cfg) etheraddr_string(apme->a_bssid)); /* Deauthenticate all stations on startup */ - hostapd_apme_deauth(apme); + (void)hostapd_apme_deauth(apme); } } @@ -262,7 +262,7 @@ hostapd_iapp_input(int fd, short sig, void *arg) cfg->c_flags & HOSTAPD_CFG_F_APME) { TAILQ_FOREACH(apme, &cfg->c_apmes, a_entries) { if (iapp->i_flags & HOSTAPD_IAPP_F_ROAMING) - hostapd_roaming_del(apme, &node); + (void)hostapd_roaming_del(apme, &node); if (iapp->i_flags & HOSTAPD_IAPP_F_ADD_NOTIFY && (ret = hostapd_apme_delnode(apme, &node)) == 0) diff --git a/usr.sbin/hostapd/llc.c b/usr.sbin/hostapd/llc.c index 2309e7270f4..82dfb7d3031 100644 --- a/usr.sbin/hostapd/llc.c +++ b/usr.sbin/hostapd/llc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: llc.c,v 1.4 2005/12/18 17:54:12 reyk Exp $ */ +/* $OpenBSD: llc.c,v 1.5 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2004, 2005 Reyk Floeter <reyk@openbsd.org> @@ -52,7 +52,7 @@ hostapd_llc_init(struct hostapd_config *cfg) cfg->c_flags |= HOSTAPD_CFG_F_RAW; bzero(&ifr, sizeof(struct ifreq)); - strlcpy(ifr.ifr_name, iapp->i_iface, sizeof(ifr.ifr_name)); + (void)strlcpy(ifr.ifr_name, iapp->i_iface, sizeof(ifr.ifr_name)); /* Associate the wired network interface to the BPF descriptor */ if (ioctl(iapp->i_raw, BIOCSETIF, &ifr) == -1) diff --git a/usr.sbin/hostapd/parse.y b/usr.sbin/hostapd/parse.y index dd14209fa2d..f4e54fe06cf 100644 --- a/usr.sbin/hostapd/parse.y +++ b/usr.sbin/hostapd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.27 2006/12/31 03:25:58 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.28 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2004, 2005, 2006 Reyk Floeter <reyk@openbsd.org> @@ -214,8 +214,13 @@ option : SET HOSTAP INTERFACE hostapifaces | SET HOSTAP MODE hostapmode | SET IAPP INTERFACE STRING passive { - strlcpy(hostapd_cfg.c_iapp.i_iface, $4, - sizeof(hostapd_cfg.c_iapp.i_iface)); + if (strlcpy(hostapd_cfg.c_iapp.i_iface, $4, + sizeof(hostapd_cfg.c_iapp.i_iface)) >= + sizeof(hostapd_cfg.c_iapp.i_iface)) { + yyerror("invalid interface %s", $4); + free($4); + YYERROR; + } hostapd_cfg.c_flags |= HOSTAPD_CFG_F_IAPP; @@ -358,7 +363,8 @@ event : HOSTAP HANDLE YYERROR; } - gettimeofday(&frame.f_last, NULL); + if (gettimeofday(&frame.f_last, NULL) == -1) + hostapd_fatal("gettimeofday"); timeradd(&frame.f_last, &frame.f_limit, &frame.f_then); bcopy(&frame, frame_ptr, sizeof(struct hostapd_frame)); @@ -1340,7 +1346,8 @@ lgetc(void) do { c = getc(file->stream); } while (c == '\t' || c == ' '); - ungetc(c, file->stream); + if (ungetc(c, file->stream) == EOF) + hostapd_fatal("lgetc: ungetc"); c = ' '; } @@ -1552,7 +1559,8 @@ hostapd_parse_symset(char *s) if ((sym = (char *)malloc(len)) == NULL) hostapd_fatal("cmdline_symset: malloc"); - strlcpy(sym, s, len); + if (strlcpy(sym, s, len) >= len) + hostapd_fatal("cmdline_symset: macro too long"); ret = symset(sym, val + 1, 1); diff --git a/usr.sbin/hostapd/privsep.c b/usr.sbin/hostapd/privsep.c index a25129995b7..57ec4ab5df5 100644 --- a/usr.sbin/hostapd/privsep.c +++ b/usr.sbin/hostapd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.21 2006/12/31 03:25:58 reyk Exp $ */ +/* $OpenBSD: privsep.c,v 1.22 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2004, 2005 Reyk Floeter <reyk@openbsd.org> @@ -129,7 +129,7 @@ hostapd_priv_init(struct hostapd_config *cfg) setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) hostapd_fatal("can't drop privileges\n"); - close(socks[0]); + (void)close(socks[0]); priv_fd = socks[1]; return; } @@ -139,7 +139,7 @@ hostapd_priv_init(struct hostapd_config *cfg) */ cfg->c_flags |= HOSTAPD_CFG_F_PRIV; - event_init(); + (void)event_init(); /* Pass ALRM/TERM/INT/HUP through to child, and accept CHLD */ signal(SIGALRM, hostapd_sig_relay); @@ -148,7 +148,7 @@ hostapd_priv_init(struct hostapd_config *cfg) signal(SIGHUP, hostapd_sig_relay); signal(SIGCHLD, hostapd_sig_chld); - close(socks[1]); + (void)close(socks[1]); if (cfg->c_flags & HOSTAPD_CFG_F_APME) { if ((cfg->c_apme_ctl = socket(AF_INET, SOCK_DGRAM, 0)) == -1) @@ -164,10 +164,12 @@ hostapd_priv_init(struct hostapd_config *cfg) /* Start a new event listener */ event_set(&cfg->c_priv_ev, socks[0], EV_READ, hostapd_priv, cfg); - event_add(&cfg->c_priv_ev, NULL); + if (event_add(&cfg->c_priv_ev, NULL) == -1) + hostapd_fatal("failed to add priv event"); /* Run privileged event loop */ - event_dispatch(); + if (event_dispatch() == -1) + hostapd_fatal("failed to dispatch priv hostapd"); /* Executed after the event loop has been terminated */ hostapd_cleanup(cfg); @@ -221,7 +223,7 @@ hostapd_priv(int fd, short sig, void *arg) if ((apme = hostapd_priv_getapme(fd, cfg)) == NULL) break; - strlcpy(bssid.i_name, apme->a_iface, sizeof(bssid.i_name)); + (void)strlcpy(bssid.i_name, apme->a_iface, sizeof(bssid.i_name)); /* Try to get the APME's BSSID */ if ((ret = ioctl(cfg->c_apme_ctl, @@ -243,7 +245,7 @@ hostapd_priv(int fd, short sig, void *arg) if ((apme = hostapd_priv_getapme(fd, cfg)) == NULL) break; - strlcpy(nr.nr_ifname, apme->a_iface, sizeof(ifr.ifr_name)); + (void)strlcpy(nr.nr_ifname, apme->a_iface, sizeof(ifr.ifr_name)); /* Try to get a station from the APME */ if ((ret = ioctl(cfg->c_apme_ctl, @@ -272,7 +274,7 @@ hostapd_priv(int fd, short sig, void *arg) if ((apme = hostapd_priv_getapme(fd, cfg)) == NULL) break; - strlcpy(nr.nr_ifname, apme->a_iface, sizeof(ifr.ifr_name)); + (void)strlcpy(nr.nr_ifname, apme->a_iface, sizeof(ifr.ifr_name)); request = cmd == PRIV_APME_ADDNODE ? SIOCS80211NODE : SIOCS80211DELNODE; @@ -311,7 +313,8 @@ hostapd_priv(int fd, short sig, void *arg) default: hostapd_fatal("[priv]: unknown command %d\n", cmd); } - event_add(&cfg->c_priv_ev, NULL); + if (event_add(&cfg->c_priv_ev, NULL) == -1) + hostapd_fatal("failed to schedult priv event"); return; } @@ -452,7 +455,9 @@ hostapd_sig_relay(int sig) int oerrno = errno; if (child_pid != -1) - kill(child_pid, sig); + if (kill(child_pid, sig) == -1) + hostapd_fatal("hostapd_sig_relay: kill(%d, %d)", + child_pid, sig); errno = oerrno; } @@ -468,9 +473,8 @@ hostapd_sig_chld(int sig) * If parent gets a SIGCHLD, it will exit. */ - if (sig == SIGCHLD) { - event_loopexit(&tv); - } + if (sig == SIGCHLD) + (void)event_loopexit(&tv); } /* diff --git a/usr.sbin/hostapd/roaming.c b/usr.sbin/hostapd/roaming.c index e3ba45004bb..e8d8ccf0886 100644 --- a/usr.sbin/hostapd/roaming.c +++ b/usr.sbin/hostapd/roaming.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roaming.c,v 1.2 2006/06/01 22:09:09 reyk Exp $ */ +/* $OpenBSD: roaming.c,v 1.3 2007/02/08 11:15:55 reyk Exp $ */ /* * Copyright (c) 2005, 2006 Reyk Floeter <reyk@openbsd.org> @@ -70,7 +70,7 @@ hostapd_roaming_init(struct hostapd_config *cfg) TAILQ_FOREACH(apme, &cfg->c_apmes, a_entries) { bzero(&ifr, sizeof(ifr)); - strlcpy(ifr.ifr_name, apme->a_iface, sizeof(ifr.ifr_name)); + (void)strlcpy(ifr.ifr_name, apme->a_iface, sizeof(ifr.ifr_name)); if (ioctl(cfg->c_apme_ctl, SIOCGIFADDR, &ifr) == -1) hostapd_fatal("ioctl %s on \"%s\" failed: %s\n", "SIOCGIFADDR", ifr.ifr_name, strerror(errno)); @@ -95,7 +95,7 @@ hostapd_roaming_term(struct hostapd_apme *apme) RB_FOREACH(entry, hostapd_tree, &iapp->i_route_tbl->t_tree) { if ((entry->e_flags & HOSTAPD_ENTRY_F_INADDR) == 0) continue; - hostapd_roaming_rt(apme, &entry->e_inaddr, 0); + (void)hostapd_roaming_rt(apme, &entry->e_inaddr, 0); } } @@ -104,7 +104,7 @@ hostapd_roaming_term(struct hostapd_apme *apme) RB_FOREACH(entry, hostapd_tree, &iapp->i_addr_tbl->t_tree) { if ((entry->e_flags & HOSTAPD_ENTRY_F_INADDR) == 0) continue; - hostapd_roaming_addr(apme, &entry->e_inaddr, 0); + (void)hostapd_roaming_addr(apme, &entry->e_inaddr, 0); } } } @@ -173,7 +173,7 @@ hostapd_roaming_addr(struct hostapd_apme *apme, struct hostapd_inaddr *addr, htonl(0xffffffff << (32 - addr->in_netmask)); } - strlcpy(ifra.ifra_name, apme->a_iface, sizeof(ifra.ifra_name)); + (void)strlcpy(ifra.ifra_name, apme->a_iface, sizeof(ifra.ifra_name)); if (ioctl(cfg->c_apme_ctl, SIOCDIFADDR, &ifra) < 0) { if (errno != EADDRNOTAVAIL) { hostapd_log(HOSTAPD_LOG_VERBOSE, @@ -244,8 +244,9 @@ hostapd_roaming_rt(struct hostapd_apme *apme, struct hostapd_inaddr *addr, rm.rm_hdr.rtm_flags |= RTF_HOST; rm.rm_label.sr_len = sizeof(rm.rm_label); - snprintf(rm.rm_label.sr_label, sizeof(rm.rm_label.sr_label), - "apme-%s", apme->a_iface); + if (snprintf(rm.rm_label.sr_label, sizeof(rm.rm_label.sr_label), + "apme-%s", apme->a_iface) == -1) + goto bad; retry: if (write(cfg->c_rtsock, &rm, len) == -1) { |