summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--regress/sbin/pfctl/pfail40.ok4
-rw-r--r--sbin/pfctl/pfctl_parser.c11
2 files changed, 8 insertions, 7 deletions
diff --git a/regress/sbin/pfctl/pfail40.ok b/regress/sbin/pfctl/pfail40.ok
index 361fa25a1da..303b285d016 100644
--- a/regress/sbin/pfctl/pfail40.ok
+++ b/regress/sbin/pfctl/pfail40.ok
@@ -1,4 +1,4 @@
-invalid netmask '/161'
+netmask is too large: /161
stdin:2: could not parse host specification
-invalid netmask '/161'
+netmask is too large: /161
stdin:3: could not parse host specification
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 45a6faca7b3..ebc45cd9871 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_parser.c,v 1.323 2018/07/24 09:48:04 kn Exp $ */
+/* $OpenBSD: pfctl_parser.c,v 1.324 2018/07/28 23:36:54 kn Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1629,7 +1629,8 @@ host(const char *s, int opts)
{
struct node_host *h = NULL, *n;
int mask = -1, v4mask = 32, v6mask = 128, cont = 1;
- char *p, *q, *r, *ps, *if_name;
+ char *p, *r, *ps, *if_name;
+ const char *errstr;
if ((ps = strdup(s)) == NULL)
err(1, "host: strdup");
@@ -1642,9 +1643,9 @@ host(const char *s, int opts)
if ((p = strrchr(ps, '/')) != NULL) {
if ((r = strdup(ps)) == NULL)
err(1, "host: strdup");
- mask = strtol(p+1, &q, 0);
- if (!q || *q || mask > 128 || q == (p+1)) {
- fprintf(stderr, "invalid netmask '%s'\n", p);
+ mask = strtonum(p+1, 0, v6mask, &errstr);
+ if (errstr) {
+ fprintf(stderr, "netmask is %s: %s\n", errstr, p);
free(r);
free(ps);
return (NULL);