From ed08e360f59885c6ddb72254cd58c5945fc86cec Mon Sep 17 00:00:00 2001
From: Sander Vrijders <sander.vrijders@ugent.be>
Date: Wed, 15 Nov 2017 13:05:30 +0100
Subject: tools: Check process id when binding a process

This adds a check that the passed process id is in fact a number and
not gibberish.

Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
---
 src/tools/irm/irm_bind_api.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/tools/irm/irm_bind_api.c b/src/tools/irm/irm_bind_api.c
index a9ca8efe..d441852d 100644
--- a/src/tools/irm/irm_bind_api.c
+++ b/src/tools/irm/irm_bind_api.c
@@ -36,8 +36,12 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#define _POSIX_C_SOURCE 200112L
+
 #include <stdio.h>
 #include <stdlib.h>
+#include <sys/types.h>
+#include <signal.h>
 
 #include <ouroboros/irm.h>
 #include <ouroboros/errno.h>
@@ -54,6 +58,7 @@ int do_bind_api(int argc, char ** argv)
 {
         pid_t api = -1;
         char * name = NULL;
+        char * t;
 
         while (argc > 1) {
                 if (matches(*argv, "name") == 0) {
@@ -61,7 +66,12 @@ int do_bind_api(int argc, char ** argv)
                         ++argv;
                         --argc;
                 } else if (matches(*argv, "api") == 0) {
-                        api = strtol(*(argv + 1), NULL, 10);
+                        api = strtol(*(argv + 1), &t, 10);
+                        if (*(argv + 1) == t || *t != '\0' || kill(api, 0)) {
+                                printf("\"%s\" is not a valid process id.\n",
+                                       *(argv + 1));
+                                return -1;
+                        }
                         ++argv;
                         --argc;
                 } else {
-- 
cgit v1.2.3