diff options
author | Claudio Jeker <claudio@cvs.openbsd.org> | 2018-12-07 08:40:55 +0000 |
---|---|---|
committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2018-12-07 08:40:55 +0000 |
commit | b4c4cbc3bc28d5d9ba2437623032a62196a475a9 (patch) | |
tree | 4513ad6187cb741860197ae85f87b7e9703d7512 /usr.sbin/snmpd | |
parent | 258c20c44d786f8635c74de3a594a7e20cddfce6 (diff) |
Be more strict in converting a netmask into a prefixlen. Make sure
the prefixlen is never bigger than 128 for inet6.
OK remi@
Diffstat (limited to 'usr.sbin/snmpd')
-rw-r--r-- | usr.sbin/snmpd/kroute.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/usr.sbin/snmpd/kroute.c b/usr.sbin/snmpd/kroute.c index 3604f884dea..50e3fb8a878 100644 --- a/usr.sbin/snmpd/kroute.c +++ b/usr.sbin/snmpd/kroute.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kroute.c,v 1.36 2018/10/10 11:46:59 reyk Exp $ */ +/* $OpenBSD: kroute.c,v 1.37 2018/12/07 08:40:54 claudio Exp $ */ /* * Copyright (c) 2007, 2008 Reyk Floeter <reyk@openbsd.org> @@ -1009,7 +1009,8 @@ prefixlen2mask(u_int8_t prefixlen) u_int8_t mask2prefixlen6(struct sockaddr_in6 *sa_in6) { - u_int8_t l = 0, *ap, *ep; + unsigned int l = 0; + u_int8_t *ap, *ep; /* * sin6_len is the size of the sockaddr so substract the offset of @@ -1025,32 +1026,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_in6) break; case 0xfe: l += 7; - return (l); + goto done; case 0xfc: l += 6; - return (l); + goto done; case 0xf8: l += 5; - return (l); + goto done; case 0xf0: l += 4; - return (l); + goto done; case 0xe0: l += 3; - return (l); + goto done; case 0xc0: l += 2; - return (l); + goto done; case 0x80: l += 1; - return (l); + goto done; case 0x00: - return (l); + goto done; default: fatalx("non contiguous inet6 netmask"); } } +done: + if (l > sizeof(struct in6_addr) * 8) + fatalx("inet6 prefixlen out of bound"); return (l); } |