From c44872c883cfb0e801a60a0bf5eb836b35ef2a96 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Mon, 30 Oct 2017 13:17:16 +0100 Subject: Bump coverage and simplify some code --- src/sp_network_utils.c | 19 ++++++------------- src/tests/broken_invalid_client_ip4.phpt | 19 +++++++++++++++++++ src/tests/config/disabled_functions_cidr.ini | 3 +++ 3 files changed, 28 insertions(+), 13 deletions(-) create mode 100644 src/tests/broken_invalid_client_ip4.phpt diff --git a/src/sp_network_utils.c b/src/sp_network_utils.c index 4b78ca5..206ae5b 100644 --- a/src/sp_network_utils.c +++ b/src/sp_network_utils.c @@ -32,9 +32,8 @@ static inline bool cidr6_match(const struct in6_addr address, const uint32_t *n = network.__u6_addr.__u6_addr32; #endif */ - int bits_whole, bits_incomplete; - bits_whole = bits >> 5; // number of whole u32 - bits_incomplete = bits & 0x1F; // number of bits in incomplete u32 + int bits_whole = bits >> 5; // number of whole u32 + int bits_incomplete = bits & 0x1F; // number of bits in incomplete u32 if (bits_whole) { if (memcmp(a, n, bits_whole << 2)) { return false; @@ -53,12 +52,8 @@ static inline int get_ip_version(const char *ip) { struct in_addr out4; struct in6_addr out6; int res = inet_pton(AF_INET, ip, &out4); - if (0 == res) { - if (1 == inet_pton(AF_INET6, ip, &out6)) { - return AF_INET6; - } else { - return -1; - } + if ((0 == res) && (1 == inet_pton(AF_INET6, ip, &out6))) { + return AF_INET6; } else if (1 == res) { return AF_INET; } else { @@ -66,7 +61,6 @@ static inline int get_ip_version(const char *ip) { } } -// TODO factorise a bit this function bool cidr_match(const char *ip, const sp_cidr *cidr) { struct in_addr out4; struct in6_addr out6; @@ -86,7 +80,6 @@ bool cidr_match(const char *ip, const sp_cidr *cidr) { return cidr6_match(out6, cidr->ip.ipv6, cidr->mask); default: sp_log_err("cidr_match", "Weird ip (%s) family", ip); - break; } return false; } @@ -111,6 +104,8 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) { cidr->ip_version = get_ip_version(ip); + assert(cidr->ip_version == AF_INET6 || cidr->ip_version == AF_INET); + if (AF_INET == cidr->ip_version) { if (cidr->mask > 32) { sp_log_err("config", "'%d' isn't a valid ipv4 mask.", cidr->mask); @@ -119,8 +114,6 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) { inet_pton(AF_INET, ip, &(cidr->ip.ipv4)); } else if (AF_INET6 == cidr->ip_version) { inet_pton(AF_INET6, ip, &(cidr->ip.ipv6)); - } else { - return -1; } ip[mask - ip] = '/'; diff --git a/src/tests/broken_invalid_client_ip4.phpt b/src/tests/broken_invalid_client_ip4.phpt new file mode 100644 index 0000000..cd62008 --- /dev/null +++ b/src/tests/broken_invalid_client_ip4.phpt @@ -0,0 +1,19 @@ +--TEST-- +Invalid client IP +--SKIPIF-- + +--ENV-- +return << +--EXPECTF-- +[snuffleupagus][xyz][cidr_match][error] Weird ip (xyz) family +[snuffleupagus][xyz][cidr_match][error] Weird ip (xyz) family +[snuffleupagus][xyz][cidr_match][error] Weird ip (xyz) family +[snuffleupagus][xyz][cidr_match][error] Weird ip (xyz) family diff --git a/src/tests/config/disabled_functions_cidr.ini b/src/tests/config/disabled_functions_cidr.ini index 6809586..21ed4b6 100644 --- a/src/tests/config/disabled_functions_cidr.ini +++ b/src/tests/config/disabled_functions_cidr.ini @@ -1,5 +1,8 @@ sp.disable_function.function("system").drop().cidr("192.168.0.1/16"); sp.disable_function.function("system").drop().cidr("127.0.0.1/8"); sp.disable_function.function("printf").drop().cidr("10.0.0.1/8"); +sp.disable_function.function("strpos").drop().cidr("0:0:0:0:0:0:0:1/128"); +sp.disable_function.function("strpos").drop().cidr("::ffff:192.0.2.128/128"); +sp.disable_function.function("strpos").drop().cidr("2001:ab9:a::123/64"); sp.disable_function.function("strpos").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329/24"); sp.disable_function.function("printf").drop().cidr("2002:0db8:0000:0000:0000:ff00:0042:8329/24"); -- cgit v1.3