Fix overflow, leak, port validation, and add missing test coverage

- Fix uint16_t overflow in pp2_create_hdr: accumulate TLV lengths in uint32_t, check > UINT16_MAX before truncating
- Fix memory leak in test harness: free raw_bytes_in buffer after pp_parse_hdr
- Fix MSVC C4244 warning: cast _sprintf return to uint16_t in pp1_create_hdr
- Fix parse_port: reject leading + prefix and trailing non-digit characters
- Add tests for parse_port strictness (+ prefix, trailing garbage) and pp_info_add_* NULL/length guards

Author: kosmas-valianos

src/proxy_protocol.c

@@ -217,7 +217,7 @@ static uint8_t parse_port(const char *value, uint16_t *usport)
 {
     char *endptr = NULL;
     uint64_t port = strtoul(value, &endptr, 10);
-    if (endptr == value || port > UINT16_MAX)
+    if (endptr == value || *endptr != '\0' || *value == '+' || port > UINT16_MAX)
     {
         return 0;
     }
@@ -701,7 +701,8 @@ static uint32_t crc32c(const uint8_t* buf, uint32_t len)
 static uint8_t *pp2_create_hdr(const pp_info_t *pp_info, uint16_t *pp2_hdr_len, int32_t *error)
 {
     proxy_hdr_v2_t proxy_hdr_v2 = { PP2_SIG, '\x21', 0, 0 };
-    uint16_t proxy_addr_len, len, padding_bytes, index;
+    uint16_t proxy_addr_len, padding_bytes, index;
+    uint32_t len;
     proxy_addr_t proxy_addr;
     const tlv_array_t *tlv_array;
     uint32_t i;
@@ -782,7 +783,12 @@ static uint8_t *pp2_create_hdr(const pp_info_t *pp_info, uint16_t *pp2_hdr_len,
     {
         len += sizeof_pp2_tlv_t + sizeof(uint32_t);
     }
-    *pp2_hdr_len = sizeof(proxy_hdr_v2_t) + len;
+    if (sizeof(proxy_hdr_v2_t) + len > UINT16_MAX)
+    {
+        *error = -ERR_PP2_LENGTH;
+        return NULL;
+    }
+    *pp2_hdr_len = (uint16_t)(sizeof(proxy_hdr_v2_t) + len);
     if (pp_info->pp2_info.alignment_power > 1)
     {
         uint16_t alignment = 1 << pp_info->pp2_info.alignment_power;
@@ -794,13 +800,13 @@ static uint8_t *pp2_create_hdr(const pp_info_t *pp_info, uint16_t *pp2_hdr_len,
             {
                 pp2_hdr_len_padded += alignment;
             }
-            padding_bytes = pp2_hdr_len_padded - sizeof(proxy_hdr_v2_t) - len - sizeof_pp2_tlv_t;
+            padding_bytes = pp2_hdr_len_padded - (uint16_t)sizeof(proxy_hdr_v2_t) - (uint16_t)len - sizeof_pp2_tlv_t;
 
             *pp2_hdr_len = pp2_hdr_len_padded;
-            len = pp2_hdr_len_padded - sizeof(proxy_hdr_v2_t);
+            len = pp2_hdr_len_padded - (uint32_t)sizeof(proxy_hdr_v2_t);
         }
     }
-    proxy_hdr_v2.len = htons(len);
+    proxy_hdr_v2.len = htons((uint16_t)len);
 
     /* Create the PROXY protocol header */
     pp2_hdr = malloc(*pp2_hdr_len);
@@ -911,7 +917,7 @@ static uint8_t *pp1_create_hdr(const pp_info_t *pp_info, uint16_t *pp1_hdr_len,
         }
         memcpy(src_addr, pp_info->src_addr, sizeof(src_addr));
         memcpy(dst_addr, pp_info->dst_addr, sizeof(dst_addr));
-        *pp1_hdr_len = _sprintf(block, "PROXY %s %s %s %hu %hu"CRLF, fam, src_addr, dst_addr, pp_info->src_port, pp_info->dst_port);
+        *pp1_hdr_len = (uint16_t)_sprintf(block, "PROXY %s %s %s %hu %hu"CRLF, fam, src_addr, dst_addr, pp_info->src_port, pp_info->dst_port);
     }
     else
     {

tests/test.c

@@ -973,6 +973,31 @@ int main(void)
             .raw_bytes_in_length = 108,
             .rc_expected = -ERR_PP1_CRLF,
         },
+        {
+            .name = "v1 PROXY protocol header: -ERR_PP1_SRC_PORT (+ prefix)",
+            .raw_bytes_in = (const uint8_t*) "PROXY TCP4 1.2.3.4 5.6.7.8 +80 443\r\n",
+            .raw_bytes_in_length = 36,
+            .rc_expected = -ERR_PP1_SRC_PORT,
+            .pp_info_out_expected = {
+                .address_family = ADDR_FAMILY_INET,
+                .transport_protocol = TRANSPORT_PROTOCOL_STREAM,
+                .src_addr = "1.2.3.4",
+                .dst_addr = "5.6.7.8",
+            },
+        },
+        {
+            .name = "v1 PROXY protocol header: -ERR_PP1_DST_PORT (trailing garbage)",
+            .raw_bytes_in = (const uint8_t*) "PROXY TCP4 1.2.3.4 5.6.7.8 80 443a\r\n",
+            .raw_bytes_in_length = 36,
+            .rc_expected = -ERR_PP1_DST_PORT,
+            .pp_info_out_expected = {
+                .address_family = ADDR_FAMILY_INET,
+                .transport_protocol = TRANSPORT_PROTOCOL_STREAM,
+                .src_addr = "1.2.3.4",
+                .dst_addr = "5.6.7.8",
+                .src_port = 80,
+            },
+        },
     };
 
     /* Run tests */
@@ -993,6 +1018,7 @@ int main(void)
             }
             memcpy(buffer, tests[i].raw_bytes_in, tests[i].raw_bytes_in_length);
             pp_parse_hdr_rc = pp_parse_hdr(buffer, tests[i].raw_bytes_in_length, &pp_info_out);
+            free(buffer);
         }
         else
         {
@@ -1057,6 +1083,44 @@ int main(void)
         printf("PASSED\n");
     }
 
+    /* Test pp_info_add_* validation failures */
+    printf("Running test: pp_info_add_unique_id length > 128...");
+    {
+        pp_info_t pp_info = { 0 };
+        uint8_t dummy = 0;
+        if (pp_info_add_unique_id(&pp_info, 129, &dummy) != 0)
+        {
+            printf("FAILED\n");
+            return EXIT_FAILURE;
+        }
+        pp_info_clear(&pp_info);
+    }
+    printf("PASSED\n");
+
+    printf("Running test: pp_info_add_netns NULL...");
+    {
+        pp_info_t pp_info = { 0 };
+        if (pp_info_add_netns(&pp_info, NULL) != 0)
+        {
+            printf("FAILED\n");
+            return EXIT_FAILURE;
+        }
+        pp_info_clear(&pp_info);
+    }
+    printf("PASSED\n");
+
+    printf("Running test: pp_info_add_aws_vpce_id NULL...");
+    {
+        pp_info_t pp_info = { 0 };
+        if (pp_info_add_aws_vpce_id(&pp_info, NULL) != 0)
+        {
+            printf("FAILED\n");
+            return EXIT_FAILURE;
+        }
+        pp_info_clear(&pp_info);
+    }
+    printf("PASSED\n");
+
     /* Test pp_strerror() */
     printf("Running test: pp_strerror()...");
     if (strcmp("No error", pp_strerror(ERR_NULL))