Date: Thu, 31 May 2001 20:12:06 +0200 (CEST) From: Jesper Skriver <jesper@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: misc/27799: Improve IP address checking in sysinstall, and fix 2 bugs. Message-ID: <20010531181206.1BA5F5D83@freesbee.wheel.dk>
next in thread | raw e-mail | index | archive | help
>Number: 27799
>Category: misc
>Synopsis: Improve IP address checking in sysinstall, and fix 2 bugs.
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu May 31 11:20:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Jesper Skriver
>Release: FreeBSD 4.3-RC i386
>Organization:
>Environment:
System: FreeBSD freesbee.wheel.dk 4.3-RC FreeBSD 4.3-RC #0: Fri Apr 6 23:04:47 CEST 2001 root@freesbee.wheel.dk:/usr/obj/usr/src/sys/FREESBEE i386
>Description:
sysinstall(8) today have bogus checks of the fourth octet of a
IPv4 address is 0 or 255.
The below diff remove these, and add a new check that the address specified
is not the network or broadcast address.
>How-To-Repeat:
Try to configure a FreeBSD machine with the ip address 10.0.1.0 with a
netmask of 255.255.254.0 (/23), which is a perfect valid host address.
>Fix:
Apply
Index: src/usr.sbin/sysinstall/tcpip.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/sysinstall/tcpip.c,v
retrieving revision 1.113
diff -u -r1.113 tcpip.c
--- src/usr.sbin/sysinstall/tcpip.c 2001/03/02 08:15:41 1.113
+++ src/usr.sbin/sysinstall/tcpip.c 2001/05/27 21:58:14
@@ -118,11 +118,14 @@
/* Verify IP address integrity */
static int
-verifyIP(char *ip, unsigned long *out)
+verifyIP(char *ip, unsigned long *mask, unsigned long *out)
{
long a, b, c, d;
char *endptr;
+ unsigned long parsedip;
+ unsigned long max_addr = (255 << 24) | (255 << 16) | (255 << 8) | 255;
+
if (ip == NULL)
return 0;
a = strtol(ip, &endptr, 10);
@@ -137,14 +140,17 @@
d = strtol(endptr, &endptr, 10);
if (*endptr != '\0')
return 0;
- /* Both 0 and 255 are technically valid in nets that are larger
- than class C, but at least MS' TCP/IP stacks freak out if they see
- them. */
- if (!_validByte(a) || !_validByte(b) || !_validByte(c) ||
- !_validByte(d) || (d == 0) || (d == 255))
+ if (!_validByte(a) || !_validByte(b) || !_validByte(c) || !_validByte(d))
return 0;
+ parsedip = (a << 24) | (b << 16) | (c << 8) | d;
if (out)
- *out = (a << 24) | (b << 16) | (c << 8) | d;
+ *out = parsedip;
+ /*
+ * The ip address must not be network or broadcast address.
+ */
+ if (mask && ((parsedip == (parsedip & *mask)) ||
+ (parsedip == ((parsedip & *mask) + max_addr - *mask))))
+ return 0;
return 1;
}
@@ -209,7 +215,7 @@
{
unsigned long parsedgw;
- if (!verifyIP(gw, &parsedgw))
+ if (!verifyIP(gw, mask, &parsedgw))
return 0;
/* Gateway needs to be within the set of IPs reachable through the
interface */
@@ -228,13 +234,13 @@
if (!hostname[0])
feepout("Must specify a host name of some sort!");
- else if (nameserver[0] && !verifyIP(nameserver, NULL) &&
+ else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask))
+ feepout("Invalid netmask value");
+ else if (nameserver[0] && !verifyIP(nameserver, NULL, NULL) &&
!verifyIP6(nameserver))
feepout("Invalid name server IP address specified");
- else if (ipaddr[0] && !verifyIP(ipaddr, &parsedip))
+ else if (ipaddr[0] && !verifyIP(ipaddr, &parsednetmask, &parsedip))
feepout("Invalid IPv4 address");
- else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask))
- feepout("Invalid netmask value");
else if (gateway[0] && strcmp(gateway, "NO") &&
!verifyGW(gateway, ipaddr[0] ? &parsedip : NULL,
netmask[0] ? &parsednetmask : NULL))
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010531181206.1BA5F5D83>