- For #1040: adjust error text and disallow negative ports in other

parts of cfg_mark_ports.

doc/Changelog

@@ -1,6 +1,8 @@
 3 April 2024: Wouter
 	- Fix #1040: fix heap-buffer-overflow issue in function cfg_mark_ports
 	  of file util/config_file.c.
+	- For #1040: adjust error text and disallow negative ports in other
+	  parts of cfg_mark_ports.
 
 28 March 2024: Wouter
 	- Fix #1034: DoT forward-zone via unbound-control.

util/config_file.c

@@ -1762,7 +1762,7 @@ cfg_mark_ports(const char* str, int allow, int* avail, int num)
 	if(!mid) {
 		int port = atoi(str);
 		if(port < 0) {
-			log_err("Prevent out-of-bounds access to array avail");
+			log_err("port number is negative: %d", port);
 			return 0;
 		}
 		if(port == 0 && strcmp(str, "0") != 0) {
@@ -1774,6 +1774,10 @@ cfg_mark_ports(const char* str, int allow, int* avail, int num)
 	} else {
 		int i, low, high = atoi(mid+1);
 		char buf[16];
+		if(high < 0) {
+			log_err("port number is negative: %d", high);
+			return 0;
+		}
 		if(high == 0 && strcmp(mid+1, "0") != 0) {
 			log_err("cannot parse port number '%s'", mid+1);
 			return 0;
@@ -1786,10 +1790,18 @@ cfg_mark_ports(const char* str, int allow, int* avail, int num)
 			memcpy(buf, str, (size_t)(mid-str));
 		buf[mid-str] = 0;
 		low = atoi(buf);
+		if(low < 0) {
+			log_err("port number is negative: %d", low);
+			return 0;
+		}
 		if(low == 0 && strcmp(buf, "0") != 0) {
 			log_err("cannot parse port number '%s'", buf);
 			return 0;
 		}
+		if(high > num) {
+			/* Stop very high values from taking a long time. */
+			high = num;
+		}
 		for(i=low; i<=high; i++) {
 			if(i < num)
 				avail[i] = (allow?i:0);