authorbrian <brian@cvs.openbsd.org>1999-02-25 20:07:37 +0000
committerbrian <brian@cvs.openbsd.org>1999-02-25 20:07:37 +0000
commit640546bb23400a232d0b73684429429c282c140b (patch)
tree1a49a268b18f519cc381528e647788e08bfa9c3a
parent6add3902521f43b9f1347df4e22ef9e7bb51f109 (diff)
Parse IP addresses more securely - specifically, don't allow
a bum name to return as 0.0.0.0... we don't want ``delete xxx'' to delete the default route when xxx doesn't resolve. Support IP number specifications as the host when specifying a tcp-style device (rather than *just* hostnames).
-rw-r--r--usr.sbin/ppp/ppp/command.c29
-rw-r--r--usr.sbin/ppp/ppp/defs.c39
-rw-r--r--usr.sbin/ppp/ppp/defs.h3
-rw-r--r--usr.sbin/ppp/ppp/modem.c13
4 files changed, 51 insertions, 33 deletions
diff --git a/usr.sbin/ppp/ppp/command.c b/usr.sbin/ppp/ppp/command.c
index e9487b5231a..e5be2339348 100644
--- a/usr.sbin/ppp/ppp/command.c
+++ b/usr.sbin/ppp/ppp/command.c
@@ -17,7 +17,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: command.c,v 1.10 1999/02/18 00:50:45 brian Exp $
+ * $Id: command.c,v 1.11 1999/02/25 20:07:34 brian Exp $
*
*/
#include <sys/param.h>
@@ -141,7 +141,7 @@
#define NEG_DNS 52
const char Version[] = "2.11";
-const char VersionDate[] = "$Date: 1999/02/18 00:50:45 $";
+const char VersionDate[] = "$Date: 1999/02/25 20:07:34 $";
static int ShowCommand(struct cmdargs const *);
static int TerminalCommand(struct cmdargs const *);
@@ -1271,22 +1271,6 @@ SetEscape(struct cmdargs const *arg)
return 0;
}
-static struct in_addr
-GetIpAddr(const char *cp)
-{
- struct hostent *hp;
- struct in_addr ipaddr;
-
- if (inet_aton(cp, &ipaddr) == 0) {
- hp = gethostbyname(cp);
- if (hp && hp->h_addrtype == AF_INET)
- memcpy(&ipaddr, hp->h_addr, hp->h_length);
- else
- ipaddr.s_addr = 0;
- }
- return (ipaddr);
-}
-
static int
SetInterfaceAddr(struct cmdargs const *arg)
{
@@ -1941,10 +1925,11 @@ DeleteCommand(struct cmdargs const *arg)
dest = arg->bundle->ncp.ipcp.peer_ip;
addrs = ROUTE_DSTHISADDR;
} else {
- if (strcasecmp(arg->argv[arg->argn], "default") == 0)
- dest.s_addr = INADDR_ANY;
- else
- dest = GetIpAddr(arg->argv[arg->argn]);
+ dest = GetIpAddr(arg->argv[arg->argn]);
+ if (dest.s_addr == INADDR_NONE) {
+ log_Printf(LogWARN, "%s: Invalid IP address\n", arg->argv[arg->argn]);
+ return -1;
+ }
addrs = ROUTE_STATIC;
}
none.s_addr = INADDR_ANY;
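Review bot: The failure value of GetIpAddr() changes from 0.0.0.0 to INADDR_NONE in this commit, yet this is the only call site in command.c that the diff updates to test for it. No other caller is visible in these hunks, so the full file needs checking: any caller left unchanged would now treat a failed lookup as 255.255.255.255 instead of 0.0.0.0. The warning also says `Invalid IP address` when the argument was a hostname that did not resolve; wording such as `"%s: Invalid IP address or unresolvable host\n"` would cover both cases. DeleteCommand's body starts and ends outside this hunk.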
diff --git a/usr.sbin/ppp/ppp/defs.c b/usr.sbin/ppp/ppp/defs.c
index 9eca872d325..f553e87932f 100644
--- a/usr.sbin/ppp/ppp/defs.c
+++ b/usr.sbin/ppp/ppp/defs.c
@@ -23,10 +23,17 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: defs.c,v 1.2 1999/02/06 03:22:35 brian Exp $
+ * $Id: defs.c,v 1.3 1999/02/25 20:07:36 brian Exp $
*/
+#include <sys/types.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+
+#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#include <sys/errno.h>
@@ -114,3 +121,33 @@ Nam2mode(const char *name)
return got == -1 ? 0 : modes[got].mode;
}
+
+struct in_addr
+GetIpAddr(const char *cp)
+{
+ struct in_addr ipaddr;
+
+ if (!strcasecmp(cp, "default"))
+ ipaddr.s_addr = INADDR_ANY;
+ else if (inet_aton(cp, &ipaddr) == 0) {
+ const char *ptr;
+
+ /* Any illegal characters ? */
+ for (ptr = cp; *ptr != '\0'; ptr++)
+ if (!isalnum(*ptr) && strchr("-.", *ptr) == NULL)
+ break;
+
+ if (*ptr == '\0') {
+ struct hostent *hp;
+
+ hp = gethostbyname(cp);
+ if (hp && hp->h_addrtype == AF_INET)
+ memcpy(&ipaddr, hp->h_addr, hp->h_length);
+ else
+ ipaddr.s_addr = INADDR_NONE;
+ } else
+ ipaddr.s_addr = INADDR_NONE;
+ }
+
+ return ipaddr;
+}
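Review bot: The character filter passes a plain `char` to isalnum(), which is undefined behaviour for bytes above 0x7f where char is signed; the test should read `if (!isalnum((unsigned char)*ptr) && strchr("-.", *ptr) == NULL)`. The copy from the resolver result is sized by `hp->h_length` rather than by the destination, so it is safer to also require `hp->h_length == sizeof ipaddr` next to the AF_INET check before the memcpy. INADDR_NONE is also the value inet_aton() stores for the literal `255.255.255.255`, so callers cannot tell that address from a failure. A short comment above the function stating that "default" yields INADDR_ANY and that any parse or lookup failure yields INADDR_NONE would make the contract explicit.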
diff --git a/usr.sbin/ppp/ppp/defs.h b/usr.sbin/ppp/ppp/defs.h
index 5e50b89060d..cac6434e406 100644
--- a/usr.sbin/ppp/ppp/defs.h
+++ b/usr.sbin/ppp/ppp/defs.h
@@ -15,7 +15,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: defs.h,v 1.4 1999/02/16 00:18:02 brian Exp $
+ * $Id: defs.h,v 1.5 1999/02/25 20:07:36 brian Exp $
*
* TODO:
*/
@@ -93,3 +93,4 @@ extern void randinit(void);
extern ssize_t fullread(int, void *, size_t);
extern const char *mode2Nam(int);
extern int Nam2mode(const char *);
+extern struct in_addr GetIpAddr(const char *);
diff --git a/usr.sbin/ppp/ppp/modem.c b/usr.sbin/ppp/ppp/modem.c
index 27dc287ee1b..ed1c6762abb 100644
--- a/usr.sbin/ppp/ppp/modem.c
+++ b/usr.sbin/ppp/ppp/modem.c
@@ -17,7 +17,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: modem.c,v 1.4 1999/02/16 00:18:02 brian Exp $
+ * $Id: modem.c,v 1.5 1999/02/25 20:07:36 brian Exp $
*
* TODO:
*/
@@ -393,19 +393,14 @@ OpenConnection(const char *name, char *host, char *port)
{
struct sockaddr_in dest;
int sock;
- struct hostent *hp;
struct servent *sp;
dest.sin_family = AF_INET;
dest.sin_addr.s_addr = inet_addr(host);
+ dest.sin_addr = GetIpAddr(host);
if (dest.sin_addr.s_addr == INADDR_NONE) {
- hp = gethostbyname(host);
- if (hp) {
- memcpy(&dest.sin_addr.s_addr, hp->h_addr_list[0], 4);
- } else {
- log_Printf(LogWARN, "%s: %s: unknown host\n", name, host);
- return (-1);
- }
+ log_Printf(LogWARN, "%s: %s: unknown host\n", name, host);
+ return (-1);
}
dest.sin_port = htons(atoi(port));
if (dest.sin_port == 0) {
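Review bot: Because GetIpAddr() maps the word "default" to INADDR_ANY, a tcp-style device whose host part is `default` now passes the INADDR_NONE test, and the function proceeds with 0.0.0.0 as the destination instead of reporting an unknown host. If that is not intended, the check could be `if (dest.sin_addr.s_addr == INADDR_NONE || dest.sin_addr.s_addr == INADDR_ANY) {`. The line `dest.sin_addr.s_addr = inet_addr(host);` appears to survive as context directly above the new assignment, which would make it a dead store that can be dropped. OpenConnection continues past the end of this hunk.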