diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2018-12-07 08:40:55 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2018-12-07 08:40:55 +0000 |
| commit | b4c4cbc3bc28d5d9ba2437623032a62196a475a9 (patch) | |
| tree | 4513ad6187cb741860197ae85f87b7e9703d7512 | |
| parent | 258c20c44d786f8635c74de3a594a7e20cddfce6 (diff) | |
Be more strict in converting a netmask into a prefixlen. Make sure
the prefixlen is never bigger than 128 for inet6.
OK remi@
| -rw-r--r-- | usr.sbin/eigrpd/util.c | 24 | ||||
| -rw-r--r-- | usr.sbin/ldpd/util.c | 24 | ||||
| -rw-r--r-- | usr.sbin/snmpd/kroute.c | 24 |
3 files changed, 42 insertions, 30 deletions
diff --git a/usr.sbin/eigrpd/util.c b/usr.sbin/eigrpd/util.c index 7fc53cc6dda..7f0cd3c3d7b 100644 --- a/usr.sbin/eigrpd/util.c +++ b/usr.sbin/eigrpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.9 2016/09/02 16:36:33 renato Exp $ */ +/* $OpenBSD: util.c,v 1.10 2018/12/07 08:40:54 claudio Exp $ */ /* * Copyright (c) 2015 Renato Westphal <renato@openbsd.org> @@ -38,7 +38,8 @@ mask2prefixlen(in_addr_t ina) uint8_t mask2prefixlen6(struct sockaddr_in6 *sa_in6) { - uint8_t l = 0, *ap, *ep; + unsigned int l = 0; + uint8_t *ap, *ep; /* * sin6_len is the size of the sockaddr so substract the offset of @@ -54,32 +55,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_in6) break; case 0xfe: l += 7; - return (l); + goto done; case 0xfc: l += 6; - return (l); + goto done; case 0xf8: l += 5; - return (l); + goto done; case 0xf0: l += 4; - return (l); + goto done; case 0xe0: l += 3; - return (l); + goto done; case 0xc0: l += 2; - return (l); + goto done; case 0x80: l += 1; - return (l); + goto done; case 0x00: - return (l); + goto done; default: fatalx("non contiguous inet6 netmask"); } } +done: + if (l > sizeof(struct in6_addr) * 8) + fatalx("inet6 prefixlen out of bound"); return (l); } diff --git a/usr.sbin/ldpd/util.c b/usr.sbin/ldpd/util.c index ba0cfa0a2f4..148e09a5927 100644 --- a/usr.sbin/ldpd/util.c +++ b/usr.sbin/ldpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.4 2016/05/23 18:58:48 renato Exp $ */ +/* $OpenBSD: util.c,v 1.5 2018/12/07 08:40:54 claudio Exp $ */ /* * Copyright (c) 2015 Renato Westphal <renato@openbsd.org> @@ -37,7 +37,8 @@ mask2prefixlen(in_addr_t ina) uint8_t mask2prefixlen6(struct sockaddr_in6 *sa_in6) { - uint8_t l = 0, *ap, *ep; + unsigned int l = 0; + uint8_t *ap, *ep; /* * sin6_len is the size of the sockaddr so substract the offset of @@ -53,32 +54,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_in6) break; case 0xfe: l += 7; - return (l); + goto done; case 0xfc: l += 6; - return (l); + goto done; case 0xf8: l += 5; - return (l); + goto done; case 0xf0: l += 4; - return (l); + goto done; case 0xe0: l += 3; - return (l); + goto done; case 0xc0: l += 2; - return (l); + goto done; case 0x80: l += 1; - return (l); + goto done; case 0x00: - return (l); + goto done; default: fatalx("non contiguous inet6 netmask"); } } +done: + if (l > sizeof(struct in6_addr) * 8) + fatalx("inet6 prefixlen out of bound"); return (l); } diff --git a/usr.sbin/snmpd/kroute.c b/usr.sbin/snmpd/kroute.c index 3604f884dea..50e3fb8a878 100644 --- a/usr.sbin/snmpd/kroute.c +++ b/usr.sbin/snmpd/kroute.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kroute.c,v 1.36 2018/10/10 11:46:59 reyk Exp $ */ +/* $OpenBSD: kroute.c,v 1.37 2018/12/07 08:40:54 claudio Exp $ */ /* * Copyright (c) 2007, 2008 Reyk Floeter <reyk@openbsd.org> @@ -1009,7 +1009,8 @@ prefixlen2mask(u_int8_t prefixlen) u_int8_t mask2prefixlen6(struct sockaddr_in6 *sa_in6) { - u_int8_t l = 0, *ap, *ep; + unsigned int l = 0; + u_int8_t *ap, *ep; /* * sin6_len is the size of the sockaddr so substract the offset of @@ -1025,32 +1026,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_in6) break; case 0xfe: l += 7; - return (l); + goto done; case 0xfc: l += 6; - return (l); + goto done; case 0xf8: l += 5; - return (l); + goto done; case 0xf0: l += 4; - return (l); + goto done; case 0xe0: l += 3; - return (l); + goto done; case 0xc0: l += 2; - return (l); + goto done; case 0x80: l += 1; - return (l); + goto done; case 0x00: - return (l); + goto done; default: fatalx("non contiguous inet6 netmask"); } } +done: + if (l > sizeof(struct in6_addr) * 8) + fatalx("inet6 prefixlen out of bound"); return (l); } |