lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1197070894.5385.14.camel@localhost.localdomain>
Date:	Sat, 08 Dec 2007 00:41:34 +0100
From:	Andreas Henriksson <andreas@...al.se>
To:	Stephen Hemminger <shemminger@...ux-foundation.org>
Cc:	netdev@...r.kernel.org
Subject: Re: [PATCH] iproute2: support dotted-quad netmask notation.


On tor, 2007-12-06 at 11:53 -0800, Stephen Hemminger wrote:
> On Tue, 4 Dec 2007 14:58:18 +0100
> Andreas Henriksson <andreas@...al.se> wrote:
> 
> > Suggested patch for allowing netmask to be specified in dotted quad format.
> > See http://bugs.debian.org/357172
> > 
> > (Known problem: this will not prevent some invalid syntaxes,
> > ie. "255.0.255.0" will be treated as "255.255.255.0")
> > 
> > Comments? Suggestions? Improvements?
> 
> Fix the bug you mentioned?
> 
> [... snip example code ...]

Updated patch, added your netmask validation code but without the check
that made 0.0.0.0 (default) and 255.255.255.255 (one address) invalid
netmasks as they are permitted in CIDR format. 

Signed-off-by: Andreas Henriksson <andreas@...al.se>

diff --git a/lib/utils.c b/lib/utils.c
index 4c42dfd..b4a6125 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -47,6 +47,41 @@ int get_integer(int *val, const char *arg, int base)
 	return 0;
 }
 
+/* a valid netmask must be 2^n - 1 (n = 1..31) */
+static int is_valid_netmask(const inet_prefix *addr)
+{
+        uint32_t host;
+
+        if (addr->family != AF_INET)
+                return 0;
+
+        host = ~ntohl(addr->data[0]);
+
+        return (host & (host + 1)) == 0;
+}
+
+static int get_netmask(unsigned *val, const char *arg, int base)
+{
+	inet_prefix addr;
+
+	if (!get_unsigned(val, arg, base))
+		return 0;
+
+	/* try coverting dotted quad to CIDR */
+	if (!get_addr_1(&addr, arg, AF_INET)) {
+		u_int32_t mask;
+
+		*val=0;
+		for (mask = addr.data[0]; mask; mask >>= 1)
+			(*val)++;
+
+		if (is_valid_netmask(&addr))
+			return 0;
+	}
+
+	return -1;
+}
+
 int get_unsigned(unsigned *val, const char *arg, int base)
 {
 	unsigned long res;
@@ -304,7 +339,8 @@ int get_prefix_1(inet_prefix *dst, char *arg, int family)
 				dst->bitlen = 32;
 		}
 		if (slash) {
-			if (get_unsigned(&plen, slash+1, 0) || plen > dst->bitlen) {
+			if (get_netmask(&plen, slash+1, 0)
+					|| plen > dst->bitlen) {
 				err = -1;
 				goto done;
 			}


-- 
Regards,
Andreas Henriksson

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ