From a41c435e494dac086e7ec21f7733d9dd755f742d Mon Sep 17 00:00:00 2001
From: Kelvin Schoofs <schoofs.kelvin@gmail.com>
Date: Thu, 1 Jul 2021 15:11:04 +0200
Subject: [PATCH] Better port validation + fill actual config with default SSH
 port (fix #266)

---
 src/connect.ts | 4 ++--
 src/proxy.ts   | 5 +++--
 src/utils.ts   | 8 ++++++++
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/connect.ts b/src/connect.ts
index 553e9f6..3deccb1 100644
--- a/src/connect.ts
+++ b/src/connect.ts
@@ -8,7 +8,7 @@ import { getConfig, getFlagBoolean } from './config';
 import type { FileSystemConfig } from './fileSystemConfig';
 import { censorConfig, Logging } from './logging';
 import type { PuttySession } from './putty';
-import { toPromise } from './utils';
+import { toPromise, validatePort } from './utils';
 
 // tslint:disable-next-line:variable-name
 const SFTPWrapper = require('ssh2/lib/SFTPWrapper') as (new (stream: SFTPStream) => SFTPWrapperReal);
@@ -66,7 +66,7 @@ export async function calculateActualConfig(config: FileSystemConfig): Promise<F
   if (config.username !== '$USER') config.username = replaceVariables(config.username);
   config.host = replaceVariables(config.host);
   const port = replaceVariables((config.port || '') + '');
-  if (port) config.port = Number(port);
+  config.port = port ? validatePort(port) : 22;
   config.agent = replaceVariables(config.agent);
   config.privateKeyPath = replaceVariables(config.privateKeyPath);
   logging.info(`Calculating actual config`);
diff --git a/src/proxy.ts b/src/proxy.ts
index 401fd0b..3327a07 100644
--- a/src/proxy.ts
+++ b/src/proxy.ts
@@ -4,7 +4,7 @@ import { request } from 'http';
 import { SocksClient } from 'socks';
 import type { FileSystemConfig } from './fileSystemConfig';
 import { Logging } from './logging';
-import { toPromise } from './utils';
+import { toPromise, validatePort } from './utils';
 
 async function resolveHostname(hostname: string): Promise<string> {
   return toPromise<string>(cb => dns.lookup(hostname, cb)).then((ip) => {
@@ -15,9 +15,10 @@ async function resolveHostname(hostname: string): Promise<string> {
 
 function validateConfig(config: FileSystemConfig) {
   if (!config.proxy) throw new Error(`Missing field 'config.proxy'`);
+  if (!config.proxy.type) throw new Error(`Missing field 'config.proxy.type'`);
   if (!config.proxy.host) throw new Error(`Missing field 'config.proxy.host'`);
   if (!config.proxy.port) throw new Error(`Missing field 'config.proxy.port'`);
-  if (!config.proxy.type) throw new Error(`Missing field 'config.proxy.type'`);
+  config.proxy.port = validatePort(config.proxy.port);
 }
 
 export async function socks(config: FileSystemConfig): Promise<NodeJS.ReadableStream> {
diff --git a/src/utils.ts b/src/utils.ts
index 873e36d..d4b8657 100644
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -27,6 +27,14 @@ export async function catchingPromise<T>(executor: (resolve: (value?: T | Promis
     });
 }
 
+/** Converts the given number/string to a port number. Throws an error for invalid strings or ports outside the 1-65565 range */
+export function validatePort(port: string | number): number {
+    const p = Number(port);
+    if (!Number.isInteger(p)) throw new Error(`Wanting to use non-int '${port}' as port`);
+    if (p < 0 || p > 65565) throw new Error(`Wanting to use port ${p} outside the 1-65565 range`);
+    return p;
+}
+
 const CLEAN_BASH_VALUE_REGEX = /^[\w-/\\]+$/;
 /** Based on way 1 in https://stackoverflow.com/a/20053121 */
 function escapeBashValue(value: string) {