On Thu, Dec 06, 2018 at 03:24:52PM +0100, Claudio Jeker wrote: > On Wed, Dec 05, 2018 at 11:53:48PM +0100, Remi Locherer wrote: > > On Wed, Dec 05, 2018 at 09:22:22AM +0100, Claudio Jeker wrote: > > > When parsing a network mask into prefixlen be more paranoid and make sure > > > no value bigger then 128 is returned. In general this should never happen > > > but if it does the result can be bad. > > > > > > This is for bgpd but there are other users in the tree. I will adjust them > > > if we dicide to go this way. > > > -- > > > :wq Claudio > > > > > > > makes sense to me. > > > > OK remi@ > > > > Here the same diff against other users of mask2prefixlen6(). > IIRC there are some other users with different function names which I need > to hunt down (unless someone else wants to do that job). > > Iked is a bit special since it returns 0 for non-contiguous netmasks. > Wonder if we should put a fatalx() there too - like in the other daemons.
I think it should be fatalx() also for iked. Your diff looks good to me, OK remi@. Below the same diff for ospf6d. Feel free to commit it together with the rest. cvs diff: Diffing . Index: util.c =================================================================== RCS file: /cvs/src/usr.sbin/ospf6d/util.c,v retrieving revision 1.2 diff -u -p -r1.2 util.c --- util.c 22 Oct 2012 07:28:49 -0000 1.2 +++ util.c 6 Dec 2018 18:49:51 -0000 @@ -91,7 +91,8 @@ clearscope(struct in6_addr *in6) u_int8_t mask2prefixlen(struct sockaddr_in6 *sa_in6) { - u_int8_t l = 0, *ap, *ep; + u_int8_t *ap, *ep; + u_int l = 0; /* * sin6_len is the size of the sockaddr so substract the offset of @@ -107,32 +108,35 @@ mask2prefixlen(struct sockaddr_in6 *sa_i break; case 0xfe: l += 7; - return (l); + goto done; case 0xfc: l += 6; - return (l); + goto done; case 0xf8: l += 5; - return (l); + goto done; case 0xf0: l += 4; - return (l); + goto done; case 0xe0: l += 3; - return (l); + goto done; case 0xc0: l += 2; - return (l); + goto done; case 0x80: l += 1; - return (l); + goto done; case 0x00: - return (l); + goto done; default: fatalx("non contiguous inet6 netmask"); } } +done: + if (l > sizeof(struct in6_addr) * 8) + fatalx("%s: prefixlen %d out of bound", __func__, l); return (l); }