DL3011 : Valid UNIX ports range from 0 to 65535

Description

Ports exposed by EXPOSE must fall within the valid TCP/UDP range.

Goals

• Prevent exposing invalid or out-of-range ports.
• Ensure compliance with standard port numbering.

Specification

1. Inspect each EXPOSE instruction.
2. For each port token:
3. Remove any protocol suffix after /.
4. Split ranges on - and inspect each numeric part.
5. If a numeric conversion fails, treat the value as valid.
6. If any numeric part is less than 0 or greater than 65535, emit DL3011 at the instruction line.

(c) 2025 Asymmetric Effort, LLC. scaldwell@asymmetric-effort.com