From 021410ea3fc3876538830839d16b67e610d12785 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Sat, 28 Nov 2020 16:12:58 -0500
Subject: Check non-option arguments

Make sure all commands check to see if there are any "extra" arguments
after the options, and print an error if so.

Made all error messages consistent (which is to say, minimal).

Fixes: #13527

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13563)
---
 apps/dhparam.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'apps/dhparam.c')

diff --git a/apps/dhparam.c b/apps/dhparam.c
index ecb4e17db1..a69dfd3810 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -146,11 +146,17 @@ int dhparam_main(int argc, char **argv)
             break;
         }
     }
+
+    /* One optional argument, bitsize to generate. */
     argc = opt_num_rest();
     argv = opt_rest();
+    if (argc == 1) {
+        if (!opt_int(argv[0], &num) || num <= 0)
+            goto opthelp;
+    } else if (argc != 0) {
+        goto opthelp;
+    }
 
-    if (argv[0] != NULL && (!opt_int(argv[0], &num) || num <= 0))
-        goto end;
 
     if (g && !num)
         num = DEFBITS;
-- 
cgit v1.2.3