be more carful wrt. signed vs. unsigned argument passing
[paraslash.git] / command.c
index de56ce8..2bd1019 100644 (file)
--- a/command.c
+++ b/command.c
@@ -151,7 +151,7 @@ static char *get_status(struct misc_meta_data *nmmd)
        bar = para_basename(nmmd->filename);
        gettimeofday(&now, NULL);
        ret = make_message(
-               "%s:%lu\n"      "%s:%s\n"               "%s:%i\n"       "%s:%u\n"
+               "%s:%zu\n"      "%s:%s\n"               "%s:%lu\n"      "%s:%u\n"
                "%s:%s\n"       "%s:%s\n"       "%s:%s\n"       "%s:%s\n"
                "%s:%li\n"      "%s:%s\n"       "%s"            "%s"
                "%s:%s\n"       "%s:%lu.%lu\n"  "%s:%lu.%lu\n",
@@ -756,6 +756,42 @@ static void rc4_send(unsigned long len, const unsigned char *indata,
        RC4(&rc4_send_key, len, indata, outdata);
 }
 
+static int read_command(int fd, char **result)
+{
+       int ret;
+       char buf[4096];
+       char *command = NULL;
+
+       for (;;) {
+               size_t numbytes;
+               char *p;
+
+               ret = recv_buffer(fd, buf, sizeof(buf));
+               if (ret < 0)
+                       goto out;
+               if (!ret)
+                       break;
+               numbytes = ret;
+               ret = -E_COMMAND_SYNTAX;
+               if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */
+                       goto out;
+               command = para_strcat(command, buf);
+               p = strstr(command, EOC_MSG);
+               if (p) {
+                       *p = '\0';
+                       break;
+               }
+       }
+       ret = command? 1 : -E_COMMAND_SYNTAX;
+out:
+       if (ret < 0)
+               free(command);
+       else
+               *result = command;
+       return ret;
+
+}
+
 /**
  * perform user authentication and execute a command
  *
@@ -789,7 +825,7 @@ static void rc4_send(unsigned long len, const unsigned char *indata,
  */
 int handle_connect(int fd, struct sockaddr_in *addr)
 {
-       int numbytes, ret, argc, use_rc4 = 0;
+       int ret, argc, use_rc4 = 0;
        char buf[4096];
        unsigned char crypt_buf[MAXLINE];
        struct user *u;
@@ -797,6 +833,7 @@ int handle_connect(int fd, struct sockaddr_in *addr)
        long unsigned challenge_nr, chall_response;
        char **argv = NULL;
        char *p, *command = NULL;
+       size_t numbytes;
 
        signal(SIGCHLD, SIG_IGN);
        signal(SIGINT, SIG_DFL);
@@ -845,17 +882,17 @@ int handle_connect(int fd, struct sockaddr_in *addr)
        if (ret < 0)
                goto err_out;
        /* recv decrypted number */
-       numbytes = recv_buffer(fd, buf, sizeof(buf));
-       ret = numbytes;
+       ret = recv_buffer(fd, buf, sizeof(buf));
        if (ret < 0)
                goto err_out;
+       numbytes = ret;
        ret = -E_AUTH;
        if (!numbytes)
                goto err_out;
        if (sscanf(buf, CHALLENGE_RESPONSE_MSG "%lu", &chall_response) < 1
                        || chall_response != challenge_nr)
                goto err_out;
-       /* auth successful. Send 'Proceed' message */
+       /* auth successful, send 'Proceed' message */
        PARA_INFO_LOG("good auth for %s (%lu)\n", u->name, challenge_nr);
        sprintf(buf, "%s", PROCEED_MSG);
        if (use_rc4) {
@@ -872,24 +909,12 @@ int handle_connect(int fd, struct sockaddr_in *addr)
                goto err_out;
        if (use_rc4)
                enable_crypt(fd, rc4_recv, rc4_send, NULL);
-       /* read command */
-       while ((numbytes = recv_buffer(fd, buf, sizeof(buf))) > 0) {
-//             PARA_INFO_LOG("recvd: %s (%d)\n", buf, numbytes);
-               ret = -E_COMMAND_SYNTAX;
-               if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */
-                       goto err_out;
-               command = para_strcat(command, buf);
-               if ((p = strstr(command, EOC_MSG))) {
-                       *p = '\0';
-                       break;
-               }
-       }
-       ret = numbytes;
+       ret = read_command(fd, &command);
        if (ret < 0)
                goto err_out;
        ret = -E_BAD_CMD;
-       /* parse command */
-       if (!(cmd = parse_cmd(command)))
+       cmd = parse_cmd(command);
+       if (!cmd)
                goto err_out;
        /* valid command, check permissions */
        ret = check_perms(u->perms, cmd);
@@ -909,10 +934,9 @@ int handle_connect(int fd, struct sockaddr_in *addr)
                goto out;
        }
 err_out:
-       if (ret != -E_SEND && ret != -E_RECV) {
-               PARA_NOTICE_LOG("%s\n", PARA_STRERROR(-ret));
+       PARA_NOTICE_LOG("%s\n", PARA_STRERROR(-ret));
+       if (ret != -E_SEND && ret != -E_RECV)
                send_va_buffer(fd, "%s\n", PARA_STRERROR(-ret));
-       }
        ret = EXIT_FAILURE;
 out:
        free(command);