summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2001-03-15 17:52:55 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2001-03-15 17:52:55 +0000
commite2303d3e54bf3b5714663bbee1877c528241dced (patch)
tree0a30443aceacb35cca46eac199fc55361cc061e6 /usr.sbin
parent4391c970ad9c9be165eeeaffd800233e9ecaed35 (diff)
do not permit traceroute -s 127.0.0.1 non-127-net-address; solar
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/traceroute/traceroute.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.sbin/traceroute/traceroute.c b/usr.sbin/traceroute/traceroute.c
index 97883dbf80b..a64fd77cb86 100644
--- a/usr.sbin/traceroute/traceroute.c
+++ b/usr.sbin/traceroute/traceroute.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: traceroute.c,v 1.34 2000/08/28 22:43:17 deraadt Exp $ */
+/* $OpenBSD: traceroute.c,v 1.35 2001/03/15 17:52:54 deraadt Exp $ */
/* $NetBSD: traceroute.c,v 1.10 1995/05/21 15:50:45 mycroft Exp $ */
/*-
@@ -525,6 +525,11 @@ main(argc, argv)
if (inet_aton(source, &from.sin_addr) == 0)
errx(1, "unknown host %s", source);
ip->ip_src = from.sin_addr;
+ if (getuid() != 0 &&
+ (ntohl(from.sin_addr.s_addr) & 0xff000000U) == 0x7f000000U &&
+ (ntohl(to.sin_addr.s_addr) & 0xff000000U) != 0x7f000000U)
+ errx(1, "source is on 127/8, destination is not");
+
if (getuid() &&
bind(sndsock, (struct sockaddr *)&from, sizeof(from)) < 0)
err(1, "bind");
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 13:37:08 +0000