diff options
| author | Daniil Baturin <daniil@baturin.org> | 2024-09-27 16:15:40 +0100 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2024-09-27 16:15:40 +0100 |
| commit | 1296d16851d9d3747cc1bcd6f4c87dd9010559b2 (patch) | |
| tree | 3fee81743df5337c96b58c1ac1bce52ba4c9ca4b | |
| parent | 725b24191bb0a8aaaf4d86249aa81c274e43e66d (diff) | |
| download | ipaddrcheck-1296d16851d9d3747cc1bcd6f4c87dd9010559b2.tar.gz ipaddrcheck-1296d16851d9d3747cc1bcd6f4c87dd9010559b2.zip | |
range: T6744: fix a crash when validating malformed ranges
| -rw-r--r-- | src/ipaddrcheck_functions.c | 29 | ||||
| -rwxr-xr-x | tests/integration_tests.sh | 3 |
2 files changed, 19 insertions, 13 deletions
diff --git a/src/ipaddrcheck_functions.c b/src/ipaddrcheck_functions.c index 2d2dff3..034fd54 100644 --- a/src/ipaddrcheck_functions.c +++ b/src/ipaddrcheck_functions.c @@ -546,7 +546,10 @@ int is_ipv4_range(char* range_str, int prefix_length, int verbose) If the regex check succeeded, we know the hyphen is there. */ split_range(range_str, left, right); - if( !is_ipv4_single(left) ) + CIDR* left_addr = cidr_from_str(left); + CIDR* right_addr = cidr_from_str(right); + + if( !(is_ipv4_single(left) && is_valid_address(left_addr)) ) { if( verbose ) { @@ -554,7 +557,7 @@ int is_ipv4_range(char* range_str, int prefix_length, int verbose) } result = RESULT_FAILURE; } - else if( !is_ipv4_single(right) ) + else if( !(is_ipv4_single(right) && is_valid_address(right_addr)) ) { if( verbose ) { @@ -564,8 +567,6 @@ int is_ipv4_range(char* range_str, int prefix_length, int verbose) } else { - CIDR* left_addr = cidr_from_str(left); - CIDR* right_addr = cidr_from_str(right); struct in_addr* left_in_addr = cidr_to_inaddr(left_addr, NULL); struct in_addr* right_in_addr = cidr_to_inaddr(right_addr, NULL); @@ -608,9 +609,9 @@ int is_ipv4_range(char* range_str, int prefix_length, int verbose) result = RESULT_FAILURE; } - cidr_free(left_addr); - cidr_free(right_addr); } + cidr_free(left_addr); + cidr_free(right_addr); } return(result); @@ -644,7 +645,11 @@ int is_ipv6_range(char* range_str, int prefix_length, int verbose) If the regex check succeeded, we know the hyphen is there. */ split_range(range_str, left, right); - if( !is_ipv6_single(left) ) + CIDR* left_addr = cidr_from_str(left); + CIDR* right_addr = cidr_from_str(right); + + if( !(is_ipv6_single(left) && + is_valid_address(left_addr) && !duplicate_double_colons(left)) ) { if( verbose ) { @@ -652,7 +657,8 @@ int is_ipv6_range(char* range_str, int prefix_length, int verbose) } result = RESULT_FAILURE; } - else if( !is_ipv6_single(right) ) + else if( !(is_ipv6_single(right) && + is_valid_address(right_addr) && !duplicate_double_colons(right)) ) { if( verbose ) { @@ -662,8 +668,6 @@ int is_ipv6_range(char* range_str, int prefix_length, int verbose) } else { - CIDR* left_addr = cidr_from_str(left); - CIDR* right_addr = cidr_from_str(right); struct in6_addr* left_in6_addr = cidr_to_in6addr(left_addr, NULL); struct in6_addr* right_in6_addr = cidr_to_in6addr(right_addr, NULL); @@ -705,10 +709,9 @@ int is_ipv6_range(char* range_str, int prefix_length, int verbose) } result = RESULT_FAILURE; } - - cidr_free(left_addr); - cidr_free(right_addr); } + cidr_free(left_addr); + cidr_free(right_addr); } return(result); diff --git a/tests/integration_tests.sh b/tests/integration_tests.sh index 3a1e4ea..2c2c72b 100755 --- a/tests/integration_tests.sh +++ b/tests/integration_tests.sh @@ -56,6 +56,7 @@ ipv4_range_negative=( 192.0.2.-192.0.2.100 192.0.2.0- 192.0.2.200-192.0.2.100 + 192.0.2.1-192.0.2.500 ) ipv6_range_positive=( @@ -66,6 +67,8 @@ ipv6_range_negative=( 2001:db8:xx-2001:db8::99 2001:db:- 2001:db8::99-2001:db8::1 + 2001::db8::1:1-2001::db8::1::10 + 2001:db8:pqrs::1-2001:db8:uvwx::100 ) ipv6_single_positive=( |