From a997aac81cdda77028f74211cad2d07489854994 Mon Sep 17 00:00:00 2001 From: Ben Fuhrmannek Date: Sat, 7 Aug 2021 18:45:33 +0200 Subject: fixed cidr matching and test cases --- src/sp_config.c | 2 +- src/sp_network_utils.c | 10 +++++++++- .../broken_conf_invalid_cidr6_too_big.phpt | 4 ++++ .../broken_configuration_php8/broken_conf_invalid_cidr.phpt | 3 +-- .../broken_conf_invalid_cidr6_too_big.phpt | 4 ++++ 5 files changed, 19 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/sp_config.c b/src/sp_config.c index 667867b..0144b1a 100644 --- a/src/sp_config.c +++ b/src/sp_config.c @@ -163,7 +163,7 @@ int parse_cidr(char *restrict line, char *restrict keyword, void *retval) { sp_cidr *cidr = pecalloc(sizeof(sp_cidr), 1, 1); - if (0 == get_ip_and_cidr(ZSTR_VAL(value), cidr)) { + if (0 != get_ip_and_cidr(ZSTR_VAL(value), cidr)) { pefree(cidr, 1); *(sp_cidr **)retval = NULL; return -1; diff --git a/src/sp_network_utils.c b/src/sp_network_utils.c index 31e8426..5b4fd95 100644 --- a/src/sp_network_utils.c +++ b/src/sp_network_utils.c @@ -91,10 +91,13 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) { return -1; } - if (sscanf(mask + 1, "%hhu", &(cidr->mask)) != 1) { + int masklen = strlen(mask+1); + int imask = atoi(mask+1); + if (masklen < 1 || masklen > 3 || !isdigit(*(mask+1)) || (masklen >= 2 && !isdigit(*(mask+2))) || (masklen == 3 && !isdigit(*(mask+3))) || imask < 0 || imask > 128) { sp_log_err("config", "'%s' isn't a valid network mask.", mask + 1); return -1; } + cidr->mask = (uint8_t)imask; ip[mask - ip] = '\0'; // NULL the '/' char @@ -113,5 +116,10 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) { } ip[mask - ip] = '/'; + if (cidr->ip_version < 0) { + sp_log_err("cidr_match", "Weird ip (%s) family", ip); + return -1; + } + return 0; } diff --git a/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt b/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt index 47d4a5d..bc353c9 100644 --- a/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt +++ b/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt @@ -3,7 +3,11 @@ Broken configuration, cidr for ipv6 is too big, that will `mod` to 25. (13337%128 = 25) --SKIPIF-- += 80000) print "skip"; ?> --INI-- sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6_too_big.ini --FILE-- --EXPECT-- + +Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0 +Could not startup. \ No newline at end of file diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt index f66d8b6..7bbf132 100644 --- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt +++ b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt @@ -7,8 +7,7 @@ Broken configuration sp.configuration_file={PWD}/config/broken_conf_invalid_cidr.ini --FILE-- --EXPECT-- - Fatal error: [snuffleupagus][0.0.0.0][config][log] '42' isn't a valid ipv4 mask. in Unknown on line 0 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0 -Could not startup. +Could not startup. \ No newline at end of file diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt index 47d4a5d..07acfb1 100644 --- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt +++ b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt @@ -7,3 +7,7 @@ Broken configuration, cidr for ipv6 is too big, that will `mod` to 25. sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6_too_big.ini --FILE-- --EXPECT-- +Fatal error: [snuffleupagus][0.0.0.0][config][log] '13337' isn't a valid network mask. in Unknown on line 0 + +Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0 +Could not startup. \ No newline at end of file -- cgit v1.3