On Wed, Dec 05, 2018 at 11:53:48PM +0100, Remi Locherer wrote:
> On Wed, Dec 05, 2018 at 09:22:22AM +0100, Claudio Jeker wrote:
> > When parsing a network mask into prefixlen be more paranoid and make sure
> > no value bigger then 128 is returned. In general this should never happen
> > but if it does the result can be bad.
> >
> > This is for bgpd but there are other users in the tree. I will adjust them
> > if we dicide to go this way.
> > --
> > :wq Claudio
> >
>
> makes sense to me.
>
> OK remi@
>
Here the same diff against other users of mask2prefixlen6().
IIRC there are some other users with different function names which I need
to hunt down (unless someone else wants to do that job).
Iked is a bit special since it returns 0 for non-contiguous netmasks.
Wonder if we should put a fatalx() there too - like in the other daemons.
--
:wq Claudio
Index: sbin/iked/util.c
===================================================================
RCS file: /cvs/src/sbin/iked/util.c,v
retrieving revision 1.36
diff -u -p -r1.36 util.c
--- sbin/iked/util.c 22 Jun 2018 13:20:08 -0000 1.36
+++ sbin/iked/util.c 6 Dec 2018 12:51:14 -0000
@@ -553,7 +553,8 @@ uint8_t
mask2prefixlen6(struct sockaddr *sa)
{
struct sockaddr_in6 *sa_in6 = (struct sockaddr_in6 *)sa;
- uint8_t l = 0, *ap, *ep;
+ uint8_t *ap, *ep;
+ unsigned int l = 0;
/*
* sin6_len is the size of the sockaddr so substract the offset of
@@ -569,32 +570,35 @@ mask2prefixlen6(struct sockaddr *sa)
break;
case 0xfe:
l += 7;
- return (l);
+ goto done;
case 0xfc:
l += 6;
- return (l);
+ goto done;
case 0xf8:
l += 5;
- return (l);
+ goto done;
case 0xf0:
l += 4;
- return (l);
+ goto done;
case 0xe0:
l += 3;
- return (l);
+ goto done;
case 0xc0:
l += 2;
- return (l);
+ goto done;
case 0x80:
l += 1;
- return (l);
+ goto done;
case 0x00:
- return (l);
+ goto done;
default:
return (0);
}
}
+done:
+ if (l > sizeof(struct in6_addr) * 8)
+ fatalx("%s: prefixlen %d out of bound", __func__, l);
return (l);
}
Index: usr.sbin/eigrpd/util.c
===================================================================
RCS file: /cvs/src/usr.sbin/eigrpd/util.c,v
retrieving revision 1.9
diff -u -p -r1.9 util.c
--- usr.sbin/eigrpd/util.c 2 Sep 2016 16:36:33 -0000 1.9
+++ usr.sbin/eigrpd/util.c 6 Dec 2018 14:18:32 -0000
@@ -38,7 +38,8 @@ mask2prefixlen(in_addr_t ina)
uint8_t
mask2prefixlen6(struct sockaddr_in6 *sa_in6)
{
- uint8_t l = 0, *ap, *ep;
+ unsigned int l = 0;
+ uint8_t *ap, *ep;
/*
* sin6_len is the size of the sockaddr so substract the offset of
@@ -54,32 +55,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_
break;
case 0xfe:
l += 7;
- return (l);
+ goto done;
case 0xfc:
l += 6;
- return (l);
+ goto done;
case 0xf8:
l += 5;
- return (l);
+ goto done;
case 0xf0:
l += 4;
- return (l);
+ goto done;
case 0xe0:
l += 3;
- return (l);
+ goto done;
case 0xc0:
l += 2;
- return (l);
+ goto done;
case 0x80:
l += 1;
- return (l);
+ goto done;
case 0x00:
- return (l);
+ goto done;
default:
fatalx("non contiguous inet6 netmask");
}
}
+done:
+ if (l > sizeof(struct in6_addr) * 8)
+ fatalx("inet6 prefixlen out of bound");
return (l);
}
Index: usr.sbin/ldpd/util.c
===================================================================
RCS file: /cvs/src/usr.sbin/ldpd/util.c,v
retrieving revision 1.4
diff -u -p -r1.4 util.c
--- usr.sbin/ldpd/util.c 23 May 2016 18:58:48 -0000 1.4
+++ usr.sbin/ldpd/util.c 6 Dec 2018 14:19:00 -0000
@@ -37,7 +37,8 @@ mask2prefixlen(in_addr_t ina)
uint8_t
mask2prefixlen6(struct sockaddr_in6 *sa_in6)
{
- uint8_t l = 0, *ap, *ep;
+ unsigned int l = 0;
+ uint8_t *ap, *ep;
/*
* sin6_len is the size of the sockaddr so substract the offset of
@@ -53,32 +54,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_
break;
case 0xfe:
l += 7;
- return (l);
+ goto done;
case 0xfc:
l += 6;
- return (l);
+ goto done;
case 0xf8:
l += 5;
- return (l);
+ goto done;
case 0xf0:
l += 4;
- return (l);
+ goto done;
case 0xe0:
l += 3;
- return (l);
+ goto done;
case 0xc0:
l += 2;
- return (l);
+ goto done;
case 0x80:
l += 1;
- return (l);
+ goto done;
case 0x00:
- return (l);
+ goto done;
default:
fatalx("non contiguous inet6 netmask");
}
}
+done:
+ if (l > sizeof(struct in6_addr) * 8)
+ fatalx("inet6 prefixlen out of bound");
return (l);
}
Index: usr.sbin/snmpd/kroute.c
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/kroute.c,v
retrieving revision 1.36
diff -u -p -r1.36 kroute.c
--- usr.sbin/snmpd/kroute.c 10 Oct 2018 11:46:59 -0000 1.36
+++ usr.sbin/snmpd/kroute.c 6 Dec 2018 14:19:24 -0000
@@ -1009,7 +1009,8 @@ prefixlen2mask(u_int8_t prefixlen)
u_int8_t
mask2prefixlen6(struct sockaddr_in6 *sa_in6)
{
- u_int8_t l = 0, *ap, *ep;
+ unsigned int l = 0;
+ u_int8_t *ap, *ep;
/*
* sin6_len is the size of the sockaddr so substract the offset of
@@ -1025,32 +1026,35 @@ mask2prefixlen6(struct sockaddr_in6 *sa_
break;
case 0xfe:
l += 7;
- return (l);
+ goto done;
case 0xfc:
l += 6;
- return (l);
+ goto done;
case 0xf8:
l += 5;
- return (l);
+ goto done;
case 0xf0:
l += 4;
- return (l);
+ goto done;
case 0xe0:
l += 3;
- return (l);
+ goto done;
case 0xc0:
l += 2;
- return (l);
+ goto done;
case 0x80:
l += 1;
- return (l);
+ goto done;
case 0x00:
- return (l);
+ goto done;
default:
fatalx("non contiguous inet6 netmask");
}
}
+done:
+ if (l > sizeof(struct in6_addr) * 8)
+ fatalx("inet6 prefixlen out of bound");
return (l);
}
