tests/server: replace banned functions with curlx_str_hex

Replace an `strtol()` and `strtoul()` call, both used in hex mode, with `curlx_str_hex()`. Follow-up to 45438c8d6f8e70385d66c029568524e9e803c539 #18823 Closes #18837
2026-01-26 15:03:21 +00:00 · 2025-10-04 00:39:11 +02:00 · 2025-10-04 00:39:11 +02:00 · eaf66f18b7
commit eaf66f18b7
parent 4116e1d802
2 changed files with 15 additions and 10 deletions
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@ -371,13 +371,20 @@ static void lograw(unsigned char *buffer, ssize_t len)
 static bool read_data_block(unsigned char *buffer, ssize_t maxlen,
                            ssize_t *buffer_len)
 {
+  curl_off_t value;
+  const char *endp;
+
  if(!read_stdin(buffer, 5))
    return FALSE;

  buffer[5] = '\0';

-  /* !checksrc! disable BANNEDFUNC 1 */
-  *buffer_len = (ssize_t)strtol((char *)buffer, NULL, 16);
+  endp = (char *)buffer;
+  if(curlx_str_hex(&endp, &value, 0xfffff)) {
+    logmsg("Failed to decode buffer size");
+    return FALSE;
+  }
+  *buffer_len = (ssize_t)value;
  if(*buffer_len > maxlen) {
    logmsg("Buffer size (%zd bytes) too small for data size error "
           "(%zd bytes)", maxlen, *buffer_len);
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@ -413,7 +413,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
        static char doc[MAXDOCNAMELEN];
        if(sscanf(req->reqbuf, "CONNECT %" MAXDOCNAMELEN_TXT "s HTTP/%d.%d",
                  doc, &prot_major, &prot_minor) == 3) {
-          char *portp = NULL;
+          const char *portp = NULL;

          logmsg("Received a CONNECT %s HTTP/%d.%d request",
                 doc, prot_major, prot_minor);
@ -424,15 +424,13 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
            req->open = FALSE; /* HTTP 1.0 closes connection by default */

          if(doc[0] == '[') {
-            char *p = &doc[1];
-            unsigned long part = 0;
+            const char *p = &doc[1];
+            curl_off_t part = 0;
            /* scan through the hexgroups and store the value of the last group
               in the 'part' variable and use as test case number!! */
            while(*p && (ISXDIGIT(*p) || (*p == ':') || (*p == '.'))) {
-              char *endp;
-              /* !checksrc! disable BANNEDFUNC 1 */
-              part = strtoul(p, &endp, 16);
-              if(ISXDIGIT(*p))
+              const char *endp = p;
+              if(!curlx_str_hex(&endp, &part, 0xffff))
                p = endp;
              else
                p++;
@ -444,7 +442,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
            else
              portp = p + 1;

-            req->testno = part;
+            req->testno = (long)part;
          }
          else
            portp = strchr(doc, ':');