FreeBSD Bugzilla – Attachment 14880 Details for
Bug 27799
Improve IP address checking in sysinstall, and fix 2 bugs.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 2.56 KB, created by
Jesper Skriver
on 2001-05-31 19:20:01 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Jesper Skriver
Created:
2001-05-31 19:20:01 UTC
Size:
2.56 KB
patch
obsolete
>Index: src/usr.sbin/sysinstall/tcpip.c >=================================================================== >RCS file: /home/ncvs/src/usr.sbin/sysinstall/tcpip.c,v >retrieving revision 1.113 >diff -u -r1.113 tcpip.c >--- src/usr.sbin/sysinstall/tcpip.c 2001/03/02 08:15:41 1.113 >+++ src/usr.sbin/sysinstall/tcpip.c 2001/05/27 21:58:14 >@@ -118,11 +118,14 @@ > > /* Verify IP address integrity */ > static int >-verifyIP(char *ip, unsigned long *out) >+verifyIP(char *ip, unsigned long *mask, unsigned long *out) > { > long a, b, c, d; > char *endptr; > >+ unsigned long parsedip; >+ unsigned long max_addr = (255 << 24) | (255 << 16) | (255 << 8) | 255; >+ > if (ip == NULL) > return 0; > a = strtol(ip, &endptr, 10); >@@ -137,14 +140,17 @@ > d = strtol(endptr, &endptr, 10); > if (*endptr != '\0') > return 0; >- /* Both 0 and 255 are technically valid in nets that are larger >- than class C, but at least MS' TCP/IP stacks freak out if they see >- them. */ >- if (!_validByte(a) || !_validByte(b) || !_validByte(c) || >- !_validByte(d) || (d == 0) || (d == 255)) >+ if (!_validByte(a) || !_validByte(b) || !_validByte(c) || !_validByte(d)) > return 0; >+ parsedip = (a << 24) | (b << 16) | (c << 8) | d; > if (out) >- *out = (a << 24) | (b << 16) | (c << 8) | d; >+ *out = parsedip; >+ /* >+ * The ip address must not be network or broadcast address. >+ */ >+ if (mask && ((parsedip == (parsedip & *mask)) || >+ (parsedip == ((parsedip & *mask) + max_addr - *mask)))) >+ return 0; > return 1; > } > >@@ -209,7 +215,7 @@ > { > unsigned long parsedgw; > >- if (!verifyIP(gw, &parsedgw)) >+ if (!verifyIP(gw, mask, &parsedgw)) > return 0; > /* Gateway needs to be within the set of IPs reachable through the > interface */ >@@ -228,13 +234,13 @@ > > if (!hostname[0]) > feepout("Must specify a host name of some sort!"); >- else if (nameserver[0] && !verifyIP(nameserver, NULL) && >+ else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask)) >+ feepout("Invalid netmask value"); >+ else if (nameserver[0] && !verifyIP(nameserver, NULL, NULL) && > !verifyIP6(nameserver)) > feepout("Invalid name server IP address specified"); >- else if (ipaddr[0] && !verifyIP(ipaddr, &parsedip)) >+ else if (ipaddr[0] && !verifyIP(ipaddr, &parsednetmask, &parsedip)) > feepout("Invalid IPv4 address"); >- else if (netmask[0] && !verifyNetmask(netmask, &parsednetmask)) >- feepout("Invalid netmask value"); > else if (gateway[0] && strcmp(gateway, "NO") && > !verifyGW(gateway, ipaddr[0] ? &parsedip : NULL, > netmask[0] ? &parsednetmask : NULL))
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=14880">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 27799
: 14880