On Wed, Dec 05, 2018 at 09:22:22AM +0100, Claudio Jeker wrote:
> When parsing a network mask into prefixlen be more paranoid and make sure
> no value bigger than 128 is returned. In general this should never happen,
> but if it does the result can be bad.
> 
> This is for bgpd but there are other users in the tree. I will adjust them
> if we decide to go this way.
> -- 
> :wq Claudio
> 

makes sense to me.

OK remi@

> Index: kroute.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/kroute.c,v
> retrieving revision 1.225
> diff -u -p -r1.225 kroute.c
> --- kroute.c  5 Nov 2018 07:01:15 -0000       1.225
> +++ kroute.c  19 Nov 2018 12:46:23 -0000
> @@ -2406,7 +2406,8 @@ mask2prefixlen(in_addr_t ina)
>  u_int8_t
>  mask2prefixlen6(struct sockaddr_in6 *sa_in6)
>  {
> -     u_int8_t         l = 0, *ap, *ep;
> +     u_int8_t        *ap, *ep;
> +     u_int            l = 0;
>  
>       /*
>        * sin6_len is the size of the sockaddr so substract the offset of
> @@ -2422,32 +2423,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_
>                       break;
>               case 0xfe:
>                       l += 7;
> -                     return (l);
> +                     goto done;
>               case 0xfc:
>                       l += 6;
> -                     return (l);
> +                     goto done;
>               case 0xf8:
>                       l += 5;
> -                     return (l);
> +                     goto done;
>               case 0xf0:
>                       l += 4;
> -                     return (l);
> +                     goto done;
>               case 0xe0:
>                       l += 3;
> -                     return (l);
> +                     goto done;
>               case 0xc0:
>                       l += 2;
> -                     return (l);
> +                     goto done;
>               case 0x80:
>                       l += 1;
> -                     return (l);
> +                     goto done;
>               case 0x00:
> -                     return (l);
> +                     goto done;
>               default:
>                       fatalx("non contiguous inet6 netmask");
>               }
>       }
>  
> + done:
> +     if (l > sizeof(struct in6_addr) * 8)
> +             fatalx("%s: prefixlen %d out of bound", __func__, l);
>       return (l);
>  }
>  
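Review bot: The new `fatalx` call under `done:` prints `l` with `%d` although the first hunk changed `l` to `u_int`; the format should be `%u`, i.e. `fatalx("%s: prefixlen %u out of bound", __func__, l);`. The bound is also checked only after the loop has finished, so if `ep` can lie past the end of `sin6_addr` (the loop setup is outside the hunk, so this is inferred from the comment about `sin6_len`), those extra bytes have already been read by the time the check fires; testing `l` in the accumulating case or bounding `ep` before the loop would stop at the address boundary. The function still returns `u_int8_t`, so the narrowing at `return (l)` is safe only because of this check, and a short comment such as `/* l <= 128 here, fits the u_int8_t return type */` would keep a later edit from dropping it.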
> 
