From c2ee99e9a2c34cafdacf7b24a9b413ed5846214c Mon Sep 17 00:00:00 2001
From: Tim Segers <tsegers@pm.me>
Date: Wed, 4 Jan 2023 13:31:02 +0100
Subject: Improve gas input validation

---
 src/opendeco.c | 12 ++++++++++--
 src/output.c   | 27 ++++++++++++++++++++-------
 src/output.h   |  2 +-
 3 files changed, 31 insertions(+), 10 deletions(-)

diff --git a/src/opendeco.c b/src/opendeco.c
index fe9a1d1..04984a9 100644
--- a/src/opendeco.c
+++ b/src/opendeco.c
@@ -125,7 +125,11 @@ int parse_gasses(gas_t **gasses, char *str)
         if (!gas_str)
             break;
 
-        scan_gas(&deco_gasses[gas_idx], gas_str);
+        if (scan_gas(&deco_gasses[gas_idx], gas_str)) {
+            wprintf(L"Invalid gas (%s). Aborting!\n", gas_str);
+            exit(-1);
+        }
+
         gas_idx++;
     }
 
@@ -175,7 +179,11 @@ int main(int argc, char *argv[])
     double dec_per_min = xsw_to_bar(msw_or_fsw(9, 30));
 
     gas_t bottom_gas;
-    scan_gas(&bottom_gas, arguments.gas);
+
+    if (scan_gas(&bottom_gas, arguments.gas)) {
+        wprintf(L"Invalid gas (%s). Aborting!\n", arguments.gas);
+        exit(-1);
+    }
 
     gas_t *deco_gasses;
     int nof_gasses = parse_gasses(&deco_gasses, arguments.decogasses);
diff --git a/src/output.c b/src/output.c
index 5997f31..04352d5 100644
--- a/src/output.c
+++ b/src/output.c
@@ -30,26 +30,39 @@ void format_gas(char *buf, size_t buflen, const gas_t *gas)
         snprintf(buf, buflen, "%i/%i", gas_o2(gas), gas_he(gas));
 }
 
-void scan_gas(gas_t *gas, char *str)
+int scan_gas(gas_t *gas, char *str)
 {
-    int o2 = 0;
-    int he = 0;
+    int o2 = -1;
+    int he = -1;
 
     if (!strcmp(str, "Air")) {
         *gas = gas_new(21, 0, MOD_AUTO);
-        return;
-    } else if (!strcmp(str, "Oxygen")) {
+        return 0;
+    }
+
+    if (!strcmp(str, "Oxygen")) {
         *gas = gas_new(100, 0, MOD_AUTO);
-        return;
-    } else if (!strncmp(str, "EAN", strlen("EAN"))) {
+        return 0;
+    }
+
+    if (!strncmp(str, "EAN", strlen("EAN"))) {
         sscanf(str, "EAN%i", &o2);
+        he = 0;
     } else if (!strncmp(str, "Nitrox", strlen("Nitrox"))) {
         sscanf(str, "Nitrox %i", &o2);
+        he = 0;
     } else {
         sscanf(str, "%i/%i", &o2, &he);
     }
 
+    if (o2 < 0 || he < 0)
+        return -1;
+
+    if (o2 + he > 100)
+        return -1;
+
     *gas = gas_new(o2, he, MOD_AUTO);
+    return 0;
 }
 
 void print_planhead(void)
diff --git a/src/output.h b/src/output.h
index d6d00f3..083cef0 100644
--- a/src/output.h
+++ b/src/output.h
@@ -18,7 +18,7 @@ void print_planhead(void);
 void print_planline(wchar_t sign, double depth, double time, double runtime, const gas_t *gas);
 void print_planfoot(const decostate_t *ds);
 
-void scan_gas(gas_t *gas, char *str);
+int scan_gas(gas_t *gas, char *str);
 void format_gas(char *buf, size_t buflen, const gas_t *gas);
 
 #endif /* end of include guard: OUTPUT_H */
-- 
cgit v1.2.3-70-g09d2