исправления для защиты запуска вебки с некорректными аргументами командной строки

2025-04-02 13:36:54 +03:00
parent 51431210f0
commit a6a4391123
3 changed files with 31 additions and 13 deletions
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -538,6 +538,26 @@ int main(int argc, char *argv[]) {
            return 1;
        }

+        if (strcmp(argv[1], "nossl") != 0 && strcmp(argv[1], "ssl") != 0) {
+            std::cerr << "Unsupported ssl mode: " << argv[1] << std::endl;
+            return 1;
+        }
+
+        int serverPort;
+        try {
+            size_t idx = 0;
+            serverPort = std::stoi(std::string(argv[3]), &idx);
+            if (serverPort < 0 || serverPort > 0xffff) {
+                throw std::invalid_argument("Out of range");
+            }
+            if (idx != strlen(argv[3])) {
+                throw std::invalid_argument("Invalid number");
+            }
+        } catch (std::exception& e) {
+            std::cerr << "Wrong server port `" << argv[3] << "`: " << e.what() << std::endl;
+            return 1;
+        }
+
        init_logging();
        boost::log::core::get()->add_thread_attribute("Scope", boost::log::attributes::named_scope());

@@ -563,11 +583,11 @@ int main(int argc, char *argv[]) {
        std::unique_ptr<http::server::Server> s;

        if (strcmp(argv[1], "nossl") == 0) {
-            s = std::make_unique<http::server::Server>(argv[2], argv[3]);
+            BOOST_LOG_TRIVIAL(info) << "Run server on " << argv[2] << ":" << serverPort;
+            s = std::make_unique<http::server::Server>(argv[2], serverPort);
            resources.registerResources(*s);
            s->run();
-
-        } else if (strcmp(argv[1], "ssl") == 0) {
+        } else {
            std::vector<char> cert; http::resource::loadFile("cert.pem", cert);
            std::vector<char> key; http::resource::loadFile("key.pem", key);
            std::vector<char> dh; http::resource::loadFile("dh.pem", dh);
@@ -584,12 +604,10 @@ int main(int argc, char *argv[]) {
            ctx->use_private_key(boost::asio::buffer(key), ssl::context::file_format::pem);
            ctx->use_tmp_dh(boost::asio::buffer(dh));

-            s = std::make_unique<http::server::Server>(argv[2], argv[3], ctx);
+            BOOST_LOG_TRIVIAL(info) << "Run server on " << argv[2] << ":" << serverPort;
+            s = std::make_unique<http::server::Server>(argv[2], serverPort, ctx);
            resources.registerResources(*s);
            s->run();
-        } else {
-            std::cerr << "Unsupported ssl mode: " << argv[1] << std::endl;
-            return 1;
        }
    } catch (std::exception &e) {
        BOOST_LOG_TRIVIAL(error) << e.what() << std::endl;