From 83c7a727e05c7280a457bcdf5681f73ce225e0ea Mon Sep 17 00:00:00 2001
From: cinap_lenrek <cinap_lenrek@felloff.net>
Date: Sun, 14 Apr 2019 03:22:05 +0200
Subject: [PATCH] devip: reject bad numeric ports (such as 9fs -> 9)

---
 sys/src/9/ip/devip.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/sys/src/9/ip/devip.c b/sys/src/9/ip/devip.c
index a00d4ed84..882375f29 100644
--- a/sys/src/9/ip/devip.c
+++ b/sys/src/9/ip/devip.c
@@ -857,7 +857,11 @@ setladdrport(Conv* c, char* str, int announcing)
 		return setluniqueport(c, 0);
 	}
 
-	lport = atoi(p);
+	str = p;
+	lport = strtol(str, &p, 10);
+	if(p <= str || strchr("!", *p) == nil)
+		return "bad numeric port";
+
 	if(lport <= 0)
 		rv = setlport(c);
 	else
@@ -874,14 +878,17 @@ setraddrport(Conv* c, char* str)
 	if(p == nil)
 		return "malformed address";
 	*p++ = 0;
-	if (parseip(c->raddr, str) == -1)
+	if(parseip(c->raddr, str) == -1)
 		return Ebadip;
-	c->rport = atoi(p);
-	p = strchr(p, '!');
-	if(p){
-		if(strstr(p, "!r") != nil)
-			c->restricted = 1;
-	}
+
+	str = p;
+	c->rport = strtol(str, &p, 10);
+	if(p <= str || strchr("!", *p) == nil)
+		return "bad numeric port";
+
+	if(strstr(p, "!r") != nil)
+		c->restricted = 1;
+
 	return nil;
 }