authoritojun <>2002-08-19 03:01:54 +0000
committeritojun <>2002-08-19 03:01:54 +0000
commit9137f89fa4996b672549800231e364a3428e5426 (patch)
treea1203c2a2c3b8672ff27690e0fff1d9267f1d375
parent90948399fc7adf735e441ab5f90b55dc9ee25673 (diff)
snprintf audit. debug inet_neta() on non-continuous masks (like 0.255.0.255),
more pickier string manipulation. deraadt ok
-rw-r--r--src/lib/libc/net/inet_net_ntop.c41
-rw-r--r--src/lib/libc/net/inet_neta.c36
-rw-r--r--src/lib/libc/net/inet_ntop.c35
3 files changed, 76 insertions, 36 deletions
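diff --git a/src/lib/libc/net/inet_net_ntop.c b/src/lib/libc/net/inet_net_ntop.c
index f5cb588d10..18eea6bb6d 100644
--- a/src/lib/libc/net/inet_net_ntop.c
+++ b/src/lib/libc/net/inet_net_ntop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: inet_net_ntop.c,v 1.2 2002/02/17 19:42:23 millert Exp $ */
+/* $OpenBSD: inet_net_ntop.c,v 1.3 2002/08/19 03:01:54 itojun Exp $ */
 
 /*
  * Copyright (c) 1996 by Internet Software Consortium.
@@ -21,7 +21,7 @@
 #if 0
 static const char rcsid[] = "$From: inet_net_ntop.c,v 8.2 1996/08/08 06:54:44 vixie Exp $";
 #else
-static const char rcsid[] = "$OpenBSD: inet_net_ntop.c,v 1.2 2002/02/17 19:42:23 millert Exp $";
+static const char rcsid[] = "$OpenBSD: inet_net_ntop.c,v 1.3 2002/08/19 03:01:54 itojun Exp $";
 #endif
 #endif
 
@@ -88,13 +88,19 @@ inet_net_ntop_ipv4(src, bits, dst, size)
  char *t;
  u_int m;
  int b;
+ char *ep;
+ int advance;
+
+ ep = dst + size;
+ if (ep <= dst)
+ goto emsgsize;
 
  if (bits < 0 || bits > 32) {
  errno = EINVAL;
  return (NULL);
  }
  if (bits == 0) {
- if (size < sizeof "0")
+ if (ep - dst < sizeof "0")
  goto emsgsize;
  *dst++ = '0';
  *dst = '\0';
@@ -102,34 +108,43 @@ inet_net_ntop_ipv4(src, bits, dst, size)
 
  /* Format whole octets. */
  for (b = bits / 8; b > 0; b--) {
- if (size < sizeof "255.")
+ if (ep - dst < sizeof "255.")
+ goto emsgsize;
+ advance = snprintf(dst, ep - dst, "%u", *src++);
+ if (advance <= 0 || advance >= ep - dst)
  goto emsgsize;
- t = dst;
+ dst += advance;
- dst += sprintf(dst, "%u", *src++);
  if (b > 1) {
+ if (dst + 1 >= ep)
+ goto emsgsize;
  *dst++ = '.';
  *dst = '\0';
  }
- size -= (size_t)(dst - t);
  }
 
  /* Format partial octet. */
  b = bits % 8;
  if (b > 0) {
- if (size < sizeof ".255")
+ if (ep - dst < sizeof ".255")
  goto emsgsize;
- t = dst;
  if (dst != odst)
+ if (dst + 1 >= ep)
+ goto emsgsize;
  *dst++ = '.';
  m = ((1 << b) - 1) << (8 - b);
- dst += sprintf(dst, "%u", *src & m);
+ advance = snprintf(dst, ep - dst, "%u", *src & m);
- size -= (size_t)(dst - t);
+ if (advance <= 0 || advance >= ep - dst)
+ goto emsgsize;
+ dst += advance;
  }
 
  /* Format CIDR /width. */
- if (size < sizeof "/32")
+ if (ep - dst < sizeof "/32")
+ goto emsgsize;
+ advance = snprintf(dst, ep - dst, "/%u", bits);
+ if (advance <= 0 || advance >= ep - dst)
  goto emsgsize;
- dst += sprintf(dst, "/%u", bits);
+ dst += advance;
  return (odst);
 
  emsgsize: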
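Review bot: In the partial-octet branch the new bounds check sits between `if (dst != odst)` and `*dst++ = '.';` with no braces, so the outer `if` now governs only the nested check and the '.' is stored unconditionally. For a prefix shorter than 8 bits, where dst still equals odst, the result would start with a stray dot. Bracing the pair as the inet_ntop.c hunks of this commit do fixes it: `if (dst != odst) { if (dst + 1 >= ep) goto emsgsize; *dst++ = '.'; }`. Separately, the `ep = dst + size; if (ep <= dst)` guard depends on pointer arithmetic wrapping for an oversized `size`, which C does not guarantee. The body of inet_net_ntop_ipv4 starts and ends outside the hunks shown.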
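diff --git a/src/lib/libc/net/inet_neta.c b/src/lib/libc/net/inet_neta.c
index 881a328ab0..6960bcd0b5 100644
--- a/src/lib/libc/net/inet_neta.c
+++ b/src/lib/libc/net/inet_neta.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: inet_neta.c,v 1.3 2002/05/24 21:22:37 deraadt Exp $ */
+/* $OpenBSD: inet_neta.c,v 1.4 2002/08/19 03:01:54 itojun Exp $ */
 
 /*
  * Copyright (c) 1996 by Internet Software Consortium.
@@ -19,9 +19,9 @@
 
 #if defined(LIBC_SCCS) && !defined(lint)
 #if 0
-static const char rcsid[] = "$Id: inet_neta.c,v 1.3 2002/05/24 21:22:37 deraadt Exp $";
+static const char rcsid[] = "$Id: inet_neta.c,v 1.4 2002/08/19 03:01:54 itojun Exp $";
 #else
-static const char rcsid[] = "$OpenBSD: inet_neta.c,v 1.3 2002/05/24 21:22:37 deraadt Exp $";
+static const char rcsid[] = "$OpenBSD: inet_neta.c,v 1.4 2002/08/19 03:01:54 itojun Exp $";
 #endif
 #endif
 
@@ -52,29 +52,37 @@ inet_neta(src, dst, size)
  size_t size;
 {
  char *odst = dst;
- char *tp;
+ char *ep;
+ int advance;
 
+ if (src == 0x00000000) {
+ if (size < sizeof "0.0.0.0")
+ goto emsgsize;
+ strlcpy(dst, "0.0.0.0", size);
+ return dst;
+ }
+ ep = dst + size;
+ if (ep <= dst)
+ goto emsgsize;
  while (src & 0xffffffff) {
  u_char b = (src & 0xff000000) >> 24;
 
  src <<= 8;
- if (b) {
+ if (b || src) {
- if (size < sizeof "255.")
+ if (ep - dst < sizeof "255.")
+ goto emsgsize;
+ advance = snprintf(dst, ep - dst, "%u", b);
+ if (advance <= 0 || advance >= ep - dst)
  goto emsgsize;
- tp = dst;
+ dst += advance;
- dst += sprintf(dst, "%u", b);
  if (src != 0L) {
+ if (dst + 1 >= ep)
+ goto emsgsize;
  *dst++ = '.';
  *dst = '\0';
  }
- size -= (size_t)(dst - tp);
  }
  }
- if (dst == odst) {
- if (size < sizeof "0.0.0.0")
- goto emsgsize;
- strlcpy(dst, "0.0.0.0", size);
- }
  return (odst);
 
  emsgsize: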
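Review bot: The new `if (b || src)` test in the loop, like the existing `if (src != 0L)`, looks at every bit of src, while the loop condition masks it with 0xffffffff. If src is wider than 32 bits (its declaration is outside the hunk; the `0L` suggests a long), the bits that `src <<= 8` pushes above bit 31 keep both tests true, so the text could end with a trailing '.' after the last octet. Masking at the shift, `src = (src << 8) & 0xffffffff;`, would make the three tests agree. The early `return dst;` for the all-zero case could also read `return (odst);` to match the function's other return.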
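diff --git a/src/lib/libc/net/inet_ntop.c b/src/lib/libc/net/inet_ntop.c
index 212c0396b2..5293e80fc0 100644
--- a/src/lib/libc/net/inet_ntop.c
+++ b/src/lib/libc/net/inet_ntop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: inet_ntop.c,v 1.3 2002/05/24 21:22:37 deraadt Exp $ */
+/* $OpenBSD: inet_ntop.c,v 1.4 2002/08/19 03:01:54 itojun Exp $ */
 
 /* Copyright (c) 1996 by Internet Software Consortium.
  *
@@ -20,7 +20,7 @@
 #if 0
 static char rcsid[] = "$From: inet_ntop.c,v 8.7 1996/08/05 08:41:18 vixie Exp $";
 #else
-static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.3 2002/05/24 21:22:37 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.4 2002/08/19 03:01:54 itojun Exp $";
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -116,10 +116,12 @@ inet_ntop6(src, dst, size)
  * Keep this in mind if you think this function should have been coded
  * to use pointer overlays. All the world's not a VAX.
  */
- char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"], *tp;
+ char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"];
+ char *tp, *ep;
  struct { int base, len; } best, cur;
  u_int words[IN6ADDRSZ / INT16SZ];
  int i;
+ int advance;
 
  /*
  * Preprocess:
@@ -156,30 +158,45 @@ inet_ntop6(src, dst, size)
  * Format the result.
  */
  tp = tmp;
- for (i = 0; i < (IN6ADDRSZ / INT16SZ); i++) {
+ ep = tmp + sizeof(tmp);
+ for (i = 0; i < (IN6ADDRSZ / INT16SZ) && tp < ep; i++) {
  /* Are we inside the best run of 0x00's? */
  if (best.base != -1 && i >= best.base &&
  i < (best.base + best.len)) {
- if (i == best.base)
+ if (i == best.base) {
+ if (tp + 1 >= ep)
+ return (NULL);
  *tp++ = ':';
+ }
  continue;
  }
  /* Are we following an initial run of 0x00s or any real hex? */
- if (i != 0)
+ if (i != 0) {
+ if (tp + 1 >= ep)
+ return (NULL);
  *tp++ = ':';
+ }
  /* Is this address an encapsulated IPv4? */
  if (i == 6 && best.base == 0 &&
  (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
- if (!inet_ntop4(src+12, tp, sizeof tmp - (tp - tmp)))
+ if (!inet_ntop4(src+12, tp, (size_t)(ep - tp)))
  return (NULL);
  tp += strlen(tp);
  break;
  }
- tp += sprintf(tp, "%x", words[i]);
+ advance = snprintf(tp, ep - tp, "%x", words[i]);
+ if (advance <= 0 || advance >= ep - tp)
+ return (NULL);
+ tp += advance;
  }
  /* Was it a trailing run of 0x00's? */
- if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ))
+ if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ)) {
+ if (tp + 1 >= ep)
+ return (NULL);
  *tp++ = ':';
+ }
+ if (tp + 1 >= ep)
+ return (NULL);
  *tp++ = '\0';
 
  /*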
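Review bot: The new `return (NULL);` exits in inet_ntop6's formatting loop and after it leave errno untouched, so a caller that sees NULL would read whatever errno held before. If the function's other failure paths (outside this hunk) set errno, these should do the same, for example `errno = ENOSPC; return (NULL);`. The added `&& tp < ep` in the for condition also behaves differently from the explicit checks, since it ends the loop quietly instead of reporting failure; a comment such as `/* tmp is sized for the longest form; the checks below are defensive */` would make the intent clear. The function body continues beyond the last hunk.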